Recent Comments



Rick Strahl
Tuesday

re: Using Let's Encrypt with IIS on Windows

@Niko - yes, but because you can have certificates auto-renew themselves, having two certificates is really not a problem.


Niko
Tuesday

re: Using Let's Encrypt with IIS on Windows

@Rick Thank you! That means I have to install in this case really 2! certs?


Rick Strahl
Tuesday

re: Using Let's Encrypt with IIS on Windows

@Niko - yes you have to set up each individual subdomain include www.mydomain.com and mydomain.com.


Rick Strahl
Tuesday

re: Web Browser Control & Specifying the IE Version

@Daniel - IE7 is the default so if that's what you want you don't do any of this and just use the default.


Niko H.
Tuesday

re: Using Let's Encrypt with IIS on Windows

Hey Rick!

Great tutorial that you set up here!

I don't find the switch for "including the www." to the certificate. So do I have to install 2 certs for www. and without www. in windows (?) because Plesk on Linux offers the option to do that by cheching a box. Is that a limitation doing that under windows?

Thanks for any help!

Best regards

Niko


Santhosh
Tuesday

re: Web Browser Control & Specifying the IE Version

Hi Rick,

Issue: Some icons are not loaded properly when i load the website in Browser Control.

  1. I am using kendo js for a web site and it loads icons for Edit and Delete buttons for a grid
  2. But when i load the website in browser control, the icons are not loaded.
  3. I set the browser to IE11 using FEATURE_BROWSER_EMULATION. So this is running in IE11.

Some weird behavior i see is that, The icons are loadind in the following scenario:

  1. Open the same web site in Internet Explorer browser and then open the web site in Browser Control. The icons for Edit and Delete buttons are displayed.
  2. Close Internet Explorer browser and reopen the browser control then the icons are disappeared.

Thanks, Santhosh.


Daniel
Tuesday

re: Web Browser Control & Specifying the IE Version

Hi,

is it possible to brint the IE compnents for i.e. IE 10 with the application for systems where a smaller version (i.e. IE 7) is installed and use them?


Ian
Monday

re: More on ASP.NET Core Running under IIS

Great post. One minor correction to the intro information - Kestrel supports HTTPS according to https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel


Paul Hunt
Monday

re: More on ASP.NET Core Running under IIS

Really interesting article, love the performance work that's been done by the team.

p.s. there's a small typo in the opening paragraph "commment"


NetoMeter
Saturday

re: Using Let's Encrypt with IIS on Windows

Rick,

I think it's only the first registration that has go over http even if a cert is already installed.

After you create a LE account (that's the first thing the client does) and a private/public key pair which is used for encrypting the communication with LE servers, the registration of the domain names that you need to have included in the certificates is performed, and a successful domain name registration (http-01 validation) with LE is valid for slightly longer than 11 months.

That explains why you don't see http subsequent validations from LE during the certificate renewals while the registration of the Domain Names is still valid - in 12 months, you'll have to perform a new registration (validation) of the names again.

Regards,

Dean


Thiago Henrique da Silva
March 17, 2017

re: More on ASP.NET Core Running under IIS

Great post Rick ! I think that the worker process name is wrong in some places. Was wrote w3p.exe but it's w3wp.exe


Lalit
March 16, 2017

re: Web Browser Control & Specifying the IE Version

Hello Rick,

I'm trying to use Whatsapp in my application. I'm using visual studio 2012. I couldn't find any browser (IE 11 as well) working with it. Only Edge 14.14393 (which I have in my pc, not sure about other versions of Edge.) is letting me open Whatsapp. But Edge is not running in Webbrowser control. I tried to following :

  1. manipulated <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  2. Registry Hack, Setting 11001 in FEATURE_BROWSER_EMULATION but with no luck.

it always suggests to use modern browser.

Any help would be greatly appreciated.

Regards,

Lalit


Chris
March 16, 2017

re: Use Powershell to bind SSL Certificates to an IIS Host Header Site

What if I don't want Hostname support? Like the default IIS behaviour?

So to replicate through the UI, I would click on my Site, click "Bindings" and Hostname would be greyed out but I'm able to select my cert from the drop down. I would like to do this via powershell but can't seem to figure it out.


Ian Buchan
March 15, 2017

re: ASP.NET Core and CORS Gotchas

I have intermittently ended up on this blog multiple times per month throughout my career in the past 4 years. The advice has always been top notch, covering some of my biggest concerns, with detailed information and quality references.

This post basically covered the exact issue I'm facing with my Angular 2 app hosted through the webpack-dev-server and locally instantiated ASP.NET Core Web API in Kestrel; worked like a charm. Rick Strahl, high five man, you're freaking awesome.


Rick Strahl
March 14, 2017

re: Using and Debugging External Source Code Packages in ASP.NET 5

@Jeff - Looks like this is not really possible anymore although the feature may come back. Mentioned on the Community Standup today actually: https://youtu.be/qlVE5iDjBIg?t=6m35s


Chechs
March 14, 2017

re: External Links in Cordova for iOS

Hi Rick,

Is there any way for links inside the In-App browser window to be opened in system browser?

Like I open a site www.internalsite.com using the in-app browser. And I have some links present on that site. Now I want to open that site in external, system browser like Chrome/Safari. How's that possible?

Thanks


Rick Strahl
March 13, 2017

re: Publishing and Running ASP.NET Core Applications with IIS

@James - Kestrel inherits the execution context from the IIS Application Pool you configure, so things should continue to work the way they worked when running classic ASP.NET applications. As long as you got a proper account setup for this it should work fine using passthrough security from your application into SQL as long as you have a valid domain account. I'm working on a followup post that talks about some of the questions raised here. Should be out when I get some spare cycles.


Jeff Bailey
March 13, 2017

re: Using and Debugging External Source Code Packages in ASP.NET 5

Does this still work with the csproj netcore VS2017 world? I can't find any documentation.


James A
March 13, 2017

re: Publishing and Running ASP.NET Core Applications with IIS

Hey, as always, great post. Very thorough.

Question. Working in a big enterprise, we have to use Active Directory Domain identities and configure the IIS App Pools to run as those domain IDs in our environments, so that the apps can call across the network and connect to SQL Server. SQL Server will then also have the domain id registered as a valid login user. Not allowed to use passwords (even encrypted) in connection strings.

Even more fun, for our PROD environments, our security people are the only people allowed to log in to prod web servers and configure the App Pools to run as the domain identity. Only they have the passwords to the AD domain identities (stored in a password vault).

Will this setup be the same, connecting to SQL Server from a CORE app in Kestrel running behind IIS? If we have to go back to using connection strings with passwords, I will have a hard time selling that to the IT and Info Sec folks.


Sean Kearon
March 13, 2017

re: Debugging the Web Browser Control with FireBug

Makes sense - the PITA that you know well is always lesser than a new one!


Rick Strahl
March 13, 2017

re: Debugging the Web Browser Control with FireBug

@Sean - I've played with various Chrome variant frameworks, but to be honest I found that to be a hassle. Between the massive distribution size, the frequent version updates and breakages, as well as seeing a number of applications using these libraries failing, I've always fallen back to using the Web Browser control. To be sure that's a pain too, but I've fought most of those battles before and I know what I'm looking at. It's not trivial if you're doing actual DOM interactions, but it works very well once you get it tweaked right.


Sean Kearon
March 11, 2017

re: Debugging the Web Browser Control with FireBug

Yes, that's just awesome! If I'd have known that before, it may have tipped me into using web browser control.

I'm wondering if you've ever had any experience with the Chrome Embedded Framework?


Rick Strahl
March 11, 2017

re: ASP.NET Core and CORS Gotchas

@Alex - works for me on IIS Express and IIS. There is no reason that the behavior should be any different on a different Web Server because in the end it's just HTTP headers that get injected and the Kestrel is the one doing it regardless of whether IIS Express sits in front of it or not. There must be something else going on. A 401 is not found which I think is different than a CORS error.

@Daniel - What's the exact error message from jquery for this? This really shouldn't be a jquery issue, but a browser issue since the brower's XHR determines the CORS viability.


Rick Strahl
March 10, 2017

re: Using Let's Encrypt with IIS on Windows

@Guilliaume - I know it works because I have LetsEncrypt-WinSimple handle auto-renewals for me on a couple of sites that auto-redirect to https. I think it's only the first registration that has go over http even if a cert is already installed.


Rick Strahl
March 10, 2017

re: Using CSS Transitions to SlideUp and SlideDown

Thanks Roy, for taking a look at that. Going to try it out and if it works add it to the article.


Daniel U.
March 10, 2017

re: ASP.NET Core and CORS Gotchas

I followed you implementation. Unfortunality i got Errors like the "URL" is not found in Access-Control-Allow-Origin-Header

I use a JQuery Ajax get request to load an rss feed.

If i use Chrome with Cors extension enabled it works fine. Is it deaktivated or i use another browser i got Errors.

What did i wrong.

Using ASP.net Core with Kestrel


Jorge Rodríguez Galán
March 10, 2017

re: Loading .NET Assemblies out of Seperate Folders

My vote for simplicity...

My trajectory has been MEF, load assemblies from the same domain, from different appdomains and back to the same domain. For me this is the most easy, not overkill and maintainable solution. Currently I prefer to use a mixed approach with a host that act as the addin assembly referencing the specific module as a nuget package.


Roy
March 10, 2017

re: Using CSS Transitions to SlideUp and SlideDown

Tnx for the quick reply. I tried several things, but in my case nothing really worked. So I found another solution. I do not calculate the max-height with Javascript, but I use a fixed max-height. For example:

 setTimeout(function() {
    $el.css({"max-height": "99999px"});
 }, 20);

For me it is enough. The container will not be any larger than the content that it contains. I still use the delay, because it combines nice with the scroll animation I also use.


Guillaume P
March 09, 2017

re: Using Let's Encrypt with IIS on Windows

@Rick Strahl : Walt - I use https redirects and it seems to work. I think for the first registration it has to be http, but for renewal https requests seem to work for me.

https redirect works well for renewal but what will happen when expiration date is reached ? the script handles that with submitting a new challenge request but it might need to do a http request as for the 1st run.

What do you think about it ?


Rick Strahl
March 09, 2017

re: Using CSS Transitions to SlideUp and SlideDown

Yeah it looks like in iOS 10 that somehow got broken... maybe using innerHeight and a wrapping container with no padding or margins?


kaibingz
March 09, 2017

re: AngularJs and Promises with the $http Service

Great article. Exactly the answer I was looking for. Thank you so much!


John H
March 09, 2017

re: Creating a JSONP Formatter for ASP.NET Web API

I know its an old thread and thanks for this solution. Just to note the the Dispose() of the StreamWriter() closes the underlying Stream. This can cause problem with other filters where a MemoryStream is passed to WriteToStreamAsync.

.Net 4.5 now has a leaveOpen bool in one of the StreamWriter constructors.

I have removed the Dispose() from the code with no memory or resource issues.


Roy
March 09, 2017

re: Using CSS Transitions to SlideUp and SlideDown

Hello,

Great tutorial! It works great for me. But it doesn't seem to work in Safari (iphone and macbook). I tested with alert and it seems that Safari doesn't calculate the outerHeight. Does anybody know a solution?


Rick Strahl
March 08, 2017

re: External Network Access to Kestrel and IIS Express in ASP.NET Core

@Jose - looks like both are working in Dotnet run tooling 1.0.


Rick Strahl
March 08, 2017

re: Publishing and Running ASP.NET Core Applications with IIS

@Alex - The ASP.NET Core Module will launch Kestrel in the same user context as the IIS Application Pool the IIS app was started in, so the Kestrel process will inherit those writes and that environment. You may want to experiment with the user account in use - if you use the default is an super low rights Application Pool user and that may not have access to any machine environment whatsoever.


Kevin
March 08, 2017

re: Debugging the Web Browser Control with FireBug

You are correct that is freaking awesome thanks for posting!


Alex
March 08, 2017

re: Publishing and Running ASP.NET Core Applications with IIS

Just wondering did not you notice following - while running from behind IIS dotnet core app loose ability to read machine level environment variables, but if run it as dotnet app.dll all works as expected


Jose Marcenaro
March 08, 2017

re: External Network Access to Kestrel and IIS Express in ASP.NET Core

Thanks Rick for the comprehensive post.

As you may know, APIs hate blog posts, so they rapidly evolve to turn the posts obsolete ;)

In this case it is a tiny change: current versions of Kestrel do not use the "server.urls" parameter but "urls" instead.

So the updated line should say

"Set the --urls command line parameter".


Alex
March 06, 2017

re: ASP.NET Core and CORS Gotchas

That seems to work with Kestrel. But not with IISExpress. Still getting 401.


Scott Kowalczyk
March 06, 2017

re: Visual Studio Web Publish Lockup? Check for invisible Window

I'm running into a hidden 'Publish Database' window on Window 10 that doesn't let me move the window with Alt+[Space]. You can activate it if you bring up Task Manager, expand Microsoft Visual Studio 2013, right click on 'Publish Database', and select 'Switch to'.


Rick Strahl
March 06, 2017

re: Getting JavaScript Properties for Object Maps by Index or Name

@wqw - quite right. Pointed at old copies (sheesh). Updated code samples and CodePen is correct.


wqw
March 06, 2017

re: Getting JavaScript Properties for Object Maps by Index or Name

The iter var prop is not used in the body of these for loops. Am I missing something?


Arun
March 06, 2017

re: Passing multiple POST parameters to Web API Controller Methods

Hi, Lovely post. I was searching for this for infinity. I made a tweek in getting the data as I had a model to receive one of the inputs. Changed var album = jalbum.ToObject(); To List jalbum1 = json.Input1.ToObject<List>();


Mark H
March 05, 2017

re: Adding minimal OWIN Identity Authentication to an Existing ASP.NET MVC Application

Thanks for this article. I had a go at implementing Owin before I realised it was easier and faster to write my own library.

OAuth is not a difficult protocol to implement. But when it takes this much minimal code to implement a library, which has deep reliances on other unneccesary libraries, many entry points and outside code required, you know something is wrong. The application startup config code also doesn't lend itself to multi-tennant apps. This middleware is simply an overengineered mess.

I implemented several providers. Each one had its own slight twist/quirks on OAuth, but I only needed to override 3 properties and a method from a base class for each provider in my library, which were more similar than different. I simply pass in the HttpRequest, the provider, and add one new route to the web app, then look for a ProfileInfo class to eventually come back (or an error). A few lines of readable code.

Owin was useful for monitoring requests and response urls, but I recommend rolling your own code. Otherwise its a sledgehammer to crack a nut.


snerks
March 05, 2017

flameater
March 04, 2017

re: IIS Default Documents vs. ASP.NET MVC Routes

Thanks Rick. I couldn't find a more straightforward solution to this dilemma elsewhere in the entire web. Additionally, I had to recompile the project to put this solution into effect.


Rick Strahl
March 01, 2017

re: Web Browser Control & Specifying the IE Version

Probably not. The task pane relies on an old version of IE and unless you rebuild (there is source code) to remove those things the answer is now you can't.

Then again. Task Pane? Really? :-)

First thing I turn off in any VFP install.

+++ Rick ---


Roger
March 01, 2017

re: Web Browser Control & Specifying the IE Version

Hi Rick When I set the browser to IE11 for VFP9, I lose the environment manager in the VFP task pane. Is it possible to modify the task pane so that it will work with the IE11 setting?

Thanks


Rick Strahl
February 28, 2017

re: Web Browser Control & Specifying the IE Version

@Mark - I'm not sure you'll have to check with GoDaddy or just try it. Permissions may not be the problem, but IIS has to be configured to allow access to a user profile. If you do have one (ie. a full user account) then you should be able to write to the Current User registry key.

You can't insert an Edge header if the page is already rendered obviously :-) The only way you could inject is by writing an ASP.NET Module to inject it before the page is sent to the browser to render.


Mark
February 28, 2017

re: Web Browser Control & Specifying the IE Version

Rick. Our website is currently hosted with Godaddy on a shared hosting plan. We have c# code in a background thread that uses an instance of the web browser control. I apologise for any naivety but a) do you think our code would have Access permission to change registry keys, b) we use the control to scrape our external client's websites, can we insert the edge meta tag programmatically even though the client's web pages may not have it in?