Existent file. http://us.battle.net/d3/static/images/layout/site-bg/body-bg-1680px.jpg
Nonexistent file. http://us.battle.net/d3/static/images/layout/site-bg/body-bg-2500px.jpg
Normally, web server should give an error like: "Not found. The requested document was not found on this server."
However, trying to reach a missing image loads Battle.net's own 404 page.
How do they handle it? .htaccess? front controllers? custom webserver configuration?
It depends on the webserver being used. In apache there are configuration options to set custom paths for error responses including 404, e.g.
ErrorDocument 404 /somewhere/customMessage.html
ErrorDocument 500 /somewhere/differentMessage.html
So that would go in the apache config or you could put it in .htaccess.
Related
I am able to fetch files that are in a server's context root. For example, wget https://<ServerDomain>:<ServerPort>/index.html works with no problem. However, I need to fetch a file that is not in the server context root (or a subdirectory of that). As a test , I tried to fetch a file from the parent directory of the context root using wget https://<ServerDomain>:<ServerPort>/../filename but this returns
Resolving <ServerDomain> (<ServerDomain>)... <ServerIPAddress>
Connecting to <ServerDomain> (<ServerDomain>)|<ServerIPAddress>|:<ServerPort>... connected.
HTTP request sent, awaiting response... 404 Not Found
2019-01-07 18:49:56 ERROR 404: Not Found.
What is the "path format" to be used in such a case?
Thank you in advance.
melpomene's comment resolved the issue:
If the server is properly configured, you can't. Otherwise an attacker could just download e.g. example.com/../../../../../../../etc/passwd or any file in the system.
I'm trying to get the latest version of an artifact.
going to http://archiva:8080/restServices shows me the Available RESTful services: clicking on http://archiva:8080/restServices/archivaServices?_wadl leads to an empty(all white) page fore me. Opening the Development tools in my browser I get this output in the javascript-console
Failed to load resource: the server responded with a status of 404 (Not Found)
and
GET http://archiva:8080/restServices/archivaServices?_wadl 404 (Not Found)
I also read here that there should be a application.wadl but for me there isn't!
I use the latest(2.2.1) Standalone version from here
the request for a certain artifact looks like that
http://archiva:8080/restServices/archivaServices/searchService/artifact?g=eu.test&a=test&v=LATEST
Maybe you miss the contextPath in the url. For example, if you want to access the ping service. The url could be:
http://localhost:8080/archiva/restServices/archivaServices/pingService/ping.
Please notice that maybe you will get 403 due to by default archiva does not allow csrf access.
The configruation detail is: http://archiva.apache.org/docs/2.2.3/adminguide/customising-security.html
I have a web application using ASP.NET 4. It displayed error below :
Mixed Content: The page at 'https://... was loaded over HTTPS, but requested an insecure script 'http://ajax.aspnetcdn.com/ajax/4.5.1/1/WebForms.js'. This request has been blocked; the content must be served over HTTPS.
It probably due to below :
But I didn't used above in the project. And I have enable CDN=true at the Script Manager as below.
How should i troubleshoot it or solve it ? Any clues ?
Thanks.
You are trying to load an insecure script (from http) over a secure context (https).
Try to load the script from https like this:
https://ajax.aspnetcdn.com/ajax/4.5.1/1/WebForms.js
I installed a new instance of hybris server in a VM and made it available on a public internet page. I am trying to call the Product resource REST server or even a simple list of countries REST service.
http://xxx.xxx.com/ws410/rest/countries
However, I am getting an error with the status "HTTP/1.1 404 Not Found". Please can you help me?
Am I missing something? Should I Configure ws410 path somewhere?
Did you added platformwebservices extension into your localextensions.xml file ? Please ensure that you have below line in your localextensions.xml file
<extension name="platformwebservices" />
For more details check this.
ws410 is a default webroot path which is defined in platformwebservices/extensioninfo.xml file.
<webmodule jspcompile="false" webroot="/ws410"/>
Do you add the port 9001 par default on your URL. Try this http://xxx.xxx.com:9001/ws410/rest/countries
I want to prevent the user from accessing the Hidden Directories like Scripts, Contents, aspnet_client directly from the browser in a asp.net mvc 2 application. Currently whenever I try to access the above mentioned Hidden Directories it is returning the following error message:
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.
I want to show "404 Not Found" error page whenever one tries to access the above mentioned hidden directories.
Can anyone help me with to resolve this issue?
When attacker try to access the file with some random name, if given file name not exists then it will give error like "404 File not exists". if file name exists but don't have access to file then it will return error like "403 Forbidden" error. so attacker get idea of the file and file directory.
So the application should be capable of handling this issue
Solution is to show the return response in different way, recommended to show as 404 error.
To do this in IIS we can add customerError configuration in the web.config file.
Please check the below article for the details of issue and solution.
https://www.c-sharpcorner.com/UploadFile/092589/custom-error-page-in-Asp-Net/
You may want to add custom handler - something like this - http://forums.asp.net/post/4152906.aspx