Site Feedback Thread

18 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

I CANNOT ENTER MY OWN PROFILE!

Back to Forum: Site Feedback
  • User profile image
    hack2rootho​tmai

    Why I cant login NOT USING Windows LIVE ID if I have ONE?

    Wht I cant GOTO TO OROFILE PAGE, Bacuse of error: Server error ./ is not a valid path name?

    Why it is so stupid that 12-yrs experienced .NET can do NOTHING about it?

    Why I'm stuck with this LOGIN problems?

    Why I CANT CHANGE MY LOGIN, if it is errornnous, AT LEAST?

    P.S.

    If you think i have not tried, Saferi, WinXPSP2, coffehouse, Even IPhone, you are wrong, I TRIED ALL THE STUFF....

    Why channel9 sucks? I do not want it to be so user UNFRIENDLY!!!!

     

    Server Error in '/' Application.

    The resource cannot be found.

    Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable.  Please review the following URL and make sure that it is spelled correctly.

    Requested URL: /Niners/hack2roothotmai./

  • User profile image
    ZippyV

    If you had chosen a decent nickname you wouldn't have this problem.

  • User profile image
    Charles

    ZippyV said:

    If you had chosen a decent nickname you wouldn't have this problem.

    Yes. The bug is that we allow you to enter a username with a "." at the end... This is our bug, not yours... We will fix this by not allowing special characters like a dot in usernames because this will break URLs.

    C

  • User profile image
    Dodo

    Charles said:
    ZippyV said:
    *snip*

    Yes. The bug is that we allow you to enter a username with a "." at the end... This is our bug, not yours... We will fix this by not allowing special characters like a dot in usernames because this will break URLs.

    C

    It's a dot... the only characters that can genuinely break URLs are #, / and ?

    You can't be serious...

  • User profile image
    Human​Compiler

    Dodo said:
    Charles said:
    *snip*

    It's a dot... the only characters that can genuinely break URLs are #, / and ?

    You can't be serious...

    Dots in the middle of a url won't break anything.  It's the fact that the dot is at the end of the url.

  • User profile image
    Duncanma

    HumanCompiler said:
    Dodo said:
    *snip*

    Dots in the middle of a url won't break anything.  It's the fact that the dot is at the end of the url.

    I've found something on MSDN that implies this is an underlying limitation of the OS, which might explain the weird behaviour I'm seeing with this path and IIS. When any path on C9 is requested our handler is called and that starts our pipeline to process and respond to the request... but if you have a period at the end it just goes to a 404, without going through our code at all.

    I'll just have to add logic to encode periods at the end of names

  • User profile image
    TommyCarlier

    Duncanma said:
    HumanCompiler said:
    *snip*

    I've found something on MSDN that implies this is an underlying limitation of the OS, which might explain the weird behaviour I'm seeing with this path and IIS. When any path on C9 is requested our handler is called and that starts our pipeline to process and respond to the request... but if you have a period at the end it just goes to a 404, without going through our code at all.

    I'll just have to add logic to encode periods at the end of names

    Could you also add logic that detects if somebody is using too much upper-case letters and exclamation points?

  • User profile image
    Dodo

    HumanCompiler said:
    Dodo said:
    *snip*

    Dots in the middle of a url won't break anything.  It's the fact that the dot is at the end of the url.

    Shouldn't matter either. HTTP requests represent symbolic links, not files. The symbolic links can have the same structure as the file system, though. And if you're doing it right, the only character that cannot be allowed is the # symbol because browsers use it for anker links. ? and / could to some extent appear in the middle of URLs without causing problems, but that would require to all possible URLs to be mapped to the content or they have to appear in the last possible URL tree level. IIS shouldn't support that weird stuff, though, I think.

  • User profile image
    Duncanma

    Dodo said:
    HumanCompiler said:
    *snip*

    Shouldn't matter either. HTTP requests represent symbolic links, not files. The symbolic links can have the same structure as the file system, though. And if you're doing it right, the only character that cannot be allowed is the # symbol because browsers use it for anker links. ? and / could to some extent appear in the middle of URLs without causing problems, but that would require to all possible URLs to be mapped to the content or they have to appear in the last possible URL tree level. IIS shouldn't support that weird stuff, though, I think.

    Well, I'm pretty sure we are doing it right and we don't even get an option to handle the request if the period is at the end... I agree that the character shouldn't be an issue, but we have found now that it is...

    Sadly, I haven't figured out a good way to escape it yet, but blocking it on the way in is a good idea regardless.

  • User profile image
    stevo_

    Dodo said:
    HumanCompiler said:
    *snip*

    Shouldn't matter either. HTTP requests represent symbolic links, not files. The symbolic links can have the same structure as the file system, though. And if you're doing it right, the only character that cannot be allowed is the # symbol because browsers use it for anker links. ? and / could to some extent appear in the middle of URLs without causing problems, but that would require to all possible URLs to be mapped to the content or they have to appear in the last possible URL tree level. IIS shouldn't support that weird stuff, though, I think.

    shouldnt matter.. but clearly does.. iis is still pretty traditional in that it maps url paths relatively to app paths to find a unit of execution.. although iis7 is a big step away from that.

  • User profile image
    MasterPi

    TommyCarlier said:
    Duncanma said:
    *snip*

    Could you also add logic that detects if somebody is using too much upper-case letters and exclamation points?

    +1

  • User profile image
    Charles

    HumanCompiler said:
    Dodo said:
    *snip*

    Dots in the middle of a url won't break anything.  It's the fact that the dot is at the end of the url.

    Precisely... "dot nothing" or URL string +"." doesn't leave much room for the server to reason about what execution path to take...

    C

  • User profile image
    Dodo

    Charles said:
    HumanCompiler said:
    *snip*

    Precisely... "dot nothing" or URL string +"." doesn't leave much room for the server to reason about what execution path to take...

    C

    Why would you need to reason for an execution path? Just use a default one, for everything.
    All URLs under the path of where the application resides should be passed to the application and the application determines which content should be displayed. Does IIS mandate a file extension of some sort? If so, that's bad.

  • User profile image
    Human​Compiler

    Dodo said:
    Charles said:
    *snip*

    Why would you need to reason for an execution path? Just use a default one, for everything.
    All URLs under the path of where the application resides should be passed to the application and the application determines which content should be displayed. Does IIS mandate a file extension of some sort? If so, that's bad.

    No, IIS does not.  Do you see any file extensions in Channel 9 urls?

    This seems to just be a weird (more than likely legacy) case.

  • User profile image
    Dodo

    HumanCompiler said:
    Dodo said:
    *snip*

    No, IIS does not.  Do you see any file extensions in Channel 9 urls?

    This seems to just be a weird (more than likely legacy) case.

    Probably because filenames must not have a dot at the end, because a dot in the end would indicate you mean a directory instead of a filename with no extension, in the case both are present. I see, so IIS is still evil and unable to pass all URLs to the application...

  • User profile image
    Human​Compiler

    Dodo said:
    HumanCompiler said:
    *snip*

    Probably because filenames must not have a dot at the end, because a dot in the end would indicate you mean a directory instead of a filename with no extension, in the case both are present. I see, so IIS is still evil and unable to pass all URLs to the application...

    Yes, evil.  It's out to get us.

  • User profile image
    Charles

    HumanCompiler said:
    Dodo said:
    *snip*

    Yes, evil.  It's out to get us.

    By reasoning, I'm talking about mapping extensions, which point to some type of execution "engine" (DLL). Just because you can have URL's without any extensions (like.aspx, .whatever,...) doesn't mean that when you supply a URL ending in a "." that IIS will magically understand what this means. At any rate, I'm certain Erik and rest of the C9 dev stars will solve this issue. My vote is to prevent this from happening by not allowing usernames to be created that end with ".". For the ones that currently do (I think there's just one), remove the trailing dot and call it a day (so, change the user name to have no "." at the end, in the db).

     

    C

  • User profile image
    Human​Compiler

    Charles said:
    HumanCompiler said:
    *snip*

    By reasoning, I'm talking about mapping extensions, which point to some type of execution "engine" (DLL). Just because you can have URL's without any extensions (like.aspx, .whatever,...) doesn't mean that when you supply a URL ending in a "." that IIS will magically understand what this means. At any rate, I'm certain Erik and rest of the C9 dev stars will solve this issue. My vote is to prevent this from happening by not allowing usernames to be created that end with ".". For the ones that currently do (I think there's just one), remove the trailing dot and call it a day (so, change the user name to have no "." at the end, in the db).

     

    C

    Yup, that's the solution we decided on.  Not sure if Duncan got around to fixing that yet or not.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.