Url Rewrite ASP.NET 2.0 and HttpUnhandledException or Cannot use a leading .. to exit above the top directory

by apijunkie 23. December 2008 03:21

I was really surprised to discover this bug a couple of days back while working on an ASP.Net 2.0 web site.

I spent several hours barking up the wrong code tree since I was convinced it had to do with some recent code changes I made.

But as it turns out this problem is as old as the server itself and for some reason has not been fixed by any .Net patches.

The jist of it is that if you encounter .net exceptions that only happen on your server with certain types of traffic ( examples: google bot, yahoo bot and some other esteemed visitors), you might be the victim of an annoying bug that has existed, as far as I could tell, for a couple of years and has not been fixed till date.

The telltale signs would be server exceptions that look like ->

Exception of type 'System.Web.HttpUnhandledException' was thrown.
Stack trace: at System.Web.UI.Page.HandleError(Exception e)

And inner exception type ->

System.Web.HttpException: Cannot use a leading .. to exit above the top directory. at System.Web.Util.UrlPath.ReduceVirtualPath(String path)

---------------

As it turns out this bug has to do with .Net 2.0 browser detection bug and can be fixed by adding a browser definition file to correct the problem.

You can also reproduce and test the browser detection bug here.

Note that this bug often occurs when you use url rewriting on your server.

 

Tags:

IIS

Comments are closed

About the author

Name of author

I was first wounded by x86 assembly, recovered and moved on to C. Following a long addiction to C++ and a short stint at rehab I decided to switch to a healthier addiction so I am now happily sniffing .NET and getting hooked on Silverlight.

I am mainly here to ramble about coding, various API’s, Junkies(me especially) and everything else that happens between coders and their significant other.

  James Bacon