3

In my code, when a certain exception happens, im returning

Response.AddHeader("X-Status", "çãõáéí");
Response.Charset = "utf-8";
Response.HeaderEncoding = Encoding.UTF8;
return new HttpStatusCodeResult(403, "You lack permission X, Y and Z");

and using Postman I was surprised to see 3 things:

  1. the body of the response. it should be empty.. the response should contain only headers, but the body is actually full of html/css...
  2. the Content-Type header was only "text/html" and not "text/html charset=utf-8"
  3. there was nothing indicating that "Response.HeaderEncoding" was set... whether it was set to utf8 or utf32 or big-indian...

So, how can I "make" the body empty? meaning that I wish the content of the response to be clear... Extra points if you are able to teach me to encode X-Status so the browser displays especial chars correctly and not like a upside down question mark...

Improve this question
1
  • 1
    In testing your code in a blank project, it looks like you're getting the IIS error page for 403. Still looking for a solution, but I'm not sure how you bypass those error pages. Commented Oct 8, 2015 at 18:51

1 Answer 1

Reset to default
4

It didn't seem obvious, but in order to bypass the IIS errors, you need to do something like:

<system.webServer>
  <httpErrors errorMode="Custom" existingResponse="Auto">
    <remove statusCode="403" />
  </httpErrors>
</system.webServer>

Essentially, you need to override/remove the default handler for the error code you're returning (in this case, Forbidden/403). Otherwise, your 403 response will trigger IIS's error handling and you get:

IIS generic forbidden page

which is self-explanatory, I think.

This does introduce another problem: this is site-wide. It might be possible to handle the response code on a per-action basis (possibly with a filter, though that may be too far into the pipeline), but I'm not sure at this point.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.