Reputation: 2822
302 Infinite Loop
I have a web application that is stuck in an infinite loop, and I have no idea where to look next. This is an intranet site, so there is no link I can share, but I've listed as many details as I can think of below. I would appreciate any ideas or suggestions. Anyone has.
The details:
- IIS 7
- .Net 4.0
- Windows 2008
- Default document is Login.aspx
- No HTTP redirect set on app or Login.aspx in IIS
- Fiddler shows Login.aspx using status code of 302 and redirecting to Login.aspx
If I open my site, it points to Login.aspx and gets stuck in a 302 loop. If I open the site but point to register.aspx, Fiddler shows register.aspx going to Login.aspx which of course redirects to Login.aspx.
What I've done:
- Run the webapp from Visual Studio -- everything works fine
- Check web.config for redirect commands -- there are none
- Check IIS for redirect commands -- there are none
- Look at Fiddler for another page in the loop -- there are none, just Login.aspx to Login.aspx
- Check Login.aspx for redirect commands -- there are none
- Check Login.aspx code behind for redirect commands -- there are none
- Run the app on my box using the web.config from the server -- everything works
- Check Login.aspx for redirect commands -- there are none
- Cleared Cache -- problem still persists
- Republished -- problem still persists
- Republished and cleared Cache -- problem still persists
- Disabled Default Document in IIS
Upvotes: 6
Views: 10056
Answers (3)
Reputation: 33867
Will share this just in case it is an answer, as it sounds like a problem we had.
ASP.net MVC site with
[RequiresHttps]attribute on our login action.Behind a load balancer that was doing SSL acceleration (resulting in the request that actually hits the server side code being already decoded and effectively under http).
Server code thinks this is an issue and redirects back to itself using https.
Rinse and repeat.
Been quite a long time since this was answered, and my comment below here to 'not use RequireHttps' is probably a bit out of date.
Anyone looking at this answer and thinking that it answers their problem would probably be well advised to look into configuring their load balancer to use X-Forwarded-Proto headers:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
And then setting up their MVC site to be able to read these and still think they are under HTTPS at the border of your environment:
Upvotes: 5
Reputation: 149
I had encountered a similar bug. But mine was a typo with two Response.Redirect back to back.
If (conditon1){
Response.Redirect("Page1.aspx");
}
If (conditon2){
Response.Redirect("Page2.aspx");
}
And the fix was to simply put the other if in the else block.
Upvotes: 1
Reputation: 2822
Found the problem. Found this logic in the MasterPage:
Dim strPage As String = Request.Url.AbsolutePath.Replace("/", "")
'Check that user is logged in
If Not strPage = "Login.aspx" And Not strPage = "Register.aspx" Then
If Session("intUserId") Is Nothing Then
Response.Redirect("~/Login.aspx", True)
End If
End If
Evidently, strPage does not equal Login.aspx when browsing to Login.aspx on the server.
I should have cought this when I was investigating it. Thanks Ross for your comment, it helped me to find this!
Upvotes: 2
Related Questions
- Http Redirect 302 attempt resulting in "unable to evaluate expression because the code is optimized or a native frame is on top of the call stack"
- ASP.NET Submitting Form - Status Code 302 Found
- Website returns 302 instead of 200
- IIS - Unexplained 302 response code
- Yet another 404 page problem in IIS 7
- 404 redirect header showing 302
- IIS7 .NET (2.0, 4.0) completely hosed with a Bad Request (Error Code 400) error
- 302 redirect still attempting to run original request
- .net site all pages do a 302 redirect with AspxAutoDetectCookieSupport
- Infinite loop with HTTP 401 status