2

Resolved

Exception in new Orchard.SecureSocketLayer module on Home page display

description

I am getting an exception in method SecureSocketsLayerService.ShouldBeSecure when my site try to display its home page, it renders an HTTP 500, but admin pages display normally.

My ssl config is : use selected secured paths, not all pages.

The exception occurs in the following lines of SecureSocketsLayerService.ShouldBeSecure

var url = urlHelper.Action(actionName, controllerName, requestContext.RouteData);
return IsRequestProtected( url, requestContext.HttpContext.Request.ApplicationPath, settings);

urlHelper.Action(....) returns a null value

With the parameters
actionName: Display
controllerName: Item
Id (in RouteDtata): 12
requestContext.RouteData ->Datatoken count=0, Route & RouteHandler null=null

If I catch the exception my page displays ok and all is Ok ?

My Orchard is compiled with .net 4.5

EDIT: Please do note that the property file is market as content and not Compile as it should.

comments

CSADNT wrote Oct 24, 2013 at 10:24 PM

I installed a 'fresh' Orchard from 25 oct, without any complementary module, and enable the SSL module after install.
Just after this IIS has been unable to display the home page...

I entered Admin url and get the dashboard, then input the same ssl parameters: not full SSL only dedicated url. Saved. Click on the Home Page and exception.

This module seems totally bugged.

CSADNT wrote Oct 25, 2013 at 6:15 PM

Problem with this new module is that there are no dedicated tables and you can't change defaukt values easilly (where are these infoset ???).
When the old and working ok ssl module exists, if you simply validate the feature for the new one you get a crash: the 2 modules are competing to adapt according their setting....but the new module has no default settings.
The new module should take care of looking to the old module and copy its settings in order to avoird a conflictual situation.
Better, the new module, without having its settings installed, should not be active.

sebastienros wrote Nov 8, 2013 at 9:50 PM

Fixed in changeset 2d927962e495d5409de98881ceb7908cb72b235b

jao28 wrote Jan 2 at 7:43 PM

I am still experiencing the same issues as described above with these lines of code in SecureSocketsLayerService.cs
var urlHelper = new UrlHelper(requestContext);
var url = urlHelper.Action(actionName, controllerName, requestContext.RouteData);
url is always coming back as null (no matter what page I happen to be hitting. My settings are:
  • Enable SSL redirection - true
  • Force SSL on all pages - false
  • Enable SSL on specific pages - true
    (provide list of urls to target - doesn't really matter what urls are used)

CSADNT wrote Jan 2 at 8:13 PM

Personnaly I run with this
            var urlHelper = new UrlHelper(requestContext);
            var url = urlHelper.Action(actionName, controllerName, requestContext.RouteData);
            // Bug
            if (string.IsNullOrEmpty(url) && requestContext.HttpContext != null)
                url = requestContext.HttpContext.Request.RawUrl;

            if (string.IsNullOrEmpty(url))
                return false;
            return IsRequestProtected(
                url, requestContext.HttpContext.Request.ApplicationPath, settings);

CSADNT wrote Jan 2 at 8:13 PM

Not very clean but has solved my pb.

Piedone wrote Mar 4 at 11:11 PM

sebastienros wrote Mar 15 at 12:36 AM

Note for later, it happens even if the hosts are provided

sebastienros wrote Mar 15 at 12:37 AM

Fixed in changeset 4bed5c1a9acbd52ba8d116ceee905c3dd6f05427