Developer forum

Forum » Development » This operation requires IIS integrated pipeline mode

This operation requires IIS integrated pipeline mode

E-mail notifications
Kim Pedersen
Reply
Posted on 16/08/2011 15:52:33
Hello
The last few weeks I got this error message many times a day here on developer.dynamicweb-cms.com. Does anyone know what happens?

Server Error in '/' Application.

This operation requires IIS integrated pipeline mode.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.PlatformNotSupportedException: This operation requires IIS integrated pipeline mode.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace: 

[PlatformNotSupportedException: This operation requires IIS integrated pipeline mode.]
   System.Web.HttpResponse.set_SubStatusCode(Int32 value) +3097934
   Dynamicweb.Database.SQLInjectionIpBanned() +221
   Dynamicweb.Database.SQLInjectionPrevent() +270
   Dynamicweb.Frontend.GlobalAsaxHandler.Application_OnPreRequestHandlerExecute(Object sender, EventArgs e) +1571
   Dynamicweb.Admin.Global.Application_OnPreRequestHandlerExecute(Object sender, EventArgs e) +48
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +148
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1
error.png

Replies

 
Nicolai Høeg Pedersen
Posted on 16/08/2011 17:01:02
Reply
I do...

The developer site is running a pre release of Dynamicweb 8 which has a new version of the SQL-Injection prevention system. It detects various possible attacks and rate them as serious or not that serious. If the possible attack seems serious, the IP committing the "unwanted" data is banned for 5 minutes. Then when returning from that IP you get a 403.6 status code, and apparently it is not possible to send substatus codes if not in integrated pipeline (HttpContext.Current.Response.SubStatusCode = 6).

It seems like you did a search for "Create user" - and the system saw that as part of a SQL statement and banned your IP. So 2 bugs - it should of course not be caught when searching and sub status not used on non integrated pipeline IIS installations.

Will have it fixed.

 

You must be logged in to post in the forum