[Mono-list] Bug with non-secured resources in ASP.NET
Abe Gillespie
abe.gillespie at gmail.com
Tue Mar 9 09:40:42 EST 2010
Any word on this? It's really hurting my business right now.
Thanks!
-Abe
On Fri, Mar 5, 2010 at 4:05 PM, Abe Gillespie <abe.gillespie at gmail.com> wrote:
> This seems to be new since somewhere around 2.4.x. I my Web.config
> I've got resources protected and others globally available a la:
>
> <system.web>
> <customErrors mode="Off"/>
> <authorization>
> <deny users="?"/>
> </authorization>
> <authentication mode="Forms">
> <forms name=".ASPXAUTH" loginUrl="~/login.aspx"/>
> </authentication>
> </system.web>
>
> <location path="callback.aspx">
> <system.web>
> <authorization>
> <allow users="*"/>
> </authorization>
> </system.web>
> </location>
>
> <location path="common">
> <system.web>
> <authorization>
> <allow users="*"/>
> </authorization>
> </system.web>
> </location>
>
> Mono grants public access to files (like images and css files) in the
> common directory as expected. However, callback.aspx is forwarding
> the page to the login page which is not expected. This one's critical
> for me in that the callback.aspx page is the end point for Google
> Checkout. Now that it's erroneously forwarding to the login page
> Google Checkout is unable to send checkout events to my system thus
> preventing online sales.
>
> I'll be happy to file a bug but was hoping there was a quick
> work-around in the mean time just so that I can get functioning again.
> Again, this has been working all along in Mono up until at least
> 2.4.x.
>
> Thanks.
> -Abe
>
More information about the Mono-list
mailing list