To add more detail to this, this is a problem!
customErrors must be on for UserFriendlyException. This is fine.
httpErrors must be off for UserFriendlyException.
But then, if the user attempts to visit a URL they don't have permission for, IIS displays its default 403 error page because you can't have httpErrors configured in web.config.
No problem. I haven't really made any more progress :(
system.web/CustomErrors must be on for text in UserFriendlyExceptions to be displayed on the client.
Status code 401-Unauthorized should not have an explicit customError as this causes issues with redirection to the login page.
system.webServer/httpErrors can not be on or it also breaks UserFriendlyException. I haven't got to the bottom of why but assume it is in ABP framework code.
UPDATE: there is a problem with using httpErrors which is that it stops the error messages from UserFriendlyException being displayed. I am going to read up more on this but wanted to update this thread.
I have my preferred solution now.
I set customErrors off, and in httpErrors I was missing the existingResponse attribute. So now I use this:
<system.webServer>
<system.webServer>
<httpErrors errorMode="Custom" existingResponse="Replace" defaultResponseMode="File">
<remove statusCode="400"/>
<remove statusCode="401"/>
<remove statusCode="402"/>
<remove statusCode="403"/>
<remove statusCode="404"/>
<remove statusCode="405"/>
<remove statusCode="406"/>
<error statusCode="400" path="Errors\400.html" />
<error statusCode="401" path="Errors\401.html" />
<error statusCode="402" path="Errors\402.html" />
<error statusCode="403" path="Errors\403.html" />
<error statusCode="404" path="Errors\404.html" />
<error statusCode="405" path="Errors\405.html" />
<error statusCode="406" path="Errors\406.html" />
</httpErrors>
</system.webServer>
This works well, but I can not find where the text for other errors come from. For example, if I get a 501, I don't get the default IIS 501 page in full but I do get the appropriate 501 error message.
HI ismcagdas,
turning customErrors off seems like cheating.
I want ASP.NET to handle errors for requests that enter the and then fail in the ASP.NET pipeline.
I want IIS to handle errors for requeests that do not enter the ASP.NET pipeline e.g. static files that are missing so give a 404.
Why do requests for static files e.g. <a class="postlink" href="http://www.abpzerosite.com/image.jpg">http://www.abpzerosite.com/image.jpg</a> enter theASP.NET pipeline - I can't find any routing configuration for this in the source?
Turning customErrors off does not actually seem to work. I am investigating this now. Is that because of this code:
context.HttpContext.Response.TrySkipIisCustomErrors = true;
Hi alper,
thank you for your reply but I don't think your solution applies to me as I am not using ASP.NET Core.