You are viewing limited content. For full access, please sign in.

Question

Question

Weblink 9 CookieCheck.aspx redirects port for external users

WebLink Version 9
Updated June 1, 2015
asked on May 29, 2015 Show version history

Just wondering if anyone else has run into this issue with the new version of Weblink 9. Since cookies are required now, I've noticed that the site initially redirects you to a webpage "cookiecheck.aspx" which then performs a test and redirects you back to your original target page with a "?cr=1" appended to the URL. The problem is that I have a customer who has the following network/firewall setup:

External User    <-- port 2524 --> Router/Firewall (External IP)   <-- NAT/port 80 --> Weblink Server

When I trace the networking in the browser on the external user, I see that it requests a URL "server:2524/weblink/browse.aspx" gets redirected to the cookiecheck page, which then sends a redirect back to "server/weblink/browse.aspx?cr=1" to the external browser. Problem is, the port number has been stripped out and the firewall blocks things externally on port 80. The temporary workaround I figured out is the following:

  1. Access the site at the original link "server:2524/weblink/browse.aspx"
  2. Wait a moment for the site to set your browser cookie
  3. Access the site a second time, adding the ?cr=1 to the URL "server:2524/weblink/browse.aspx?cr=1"

Has anyone else seen anything like this? I imagine it has to affect anyone using Weblink behind some kind of firewall layer that uses NAT. IT doesn't want to change the firewall configuration since it worked properly for Weblink8. My workaround is unacceptable to the customer in the long term, so I need another option...

0 0

Answer

SELECTED ANSWER
replied on June 1, 2015

Hi Scott,

I believe the root cause is Login.aspx.vb, line 395.

Response.Redirect("~/CookieCheck.aspx?redirect=" & Server.UrlEncode(Request.Url.AbsoluteUri))

should be

Response.Redirect("~/CookieCheck.aspx?redirect=" & Server.UrlEncode(Request.Url.PathAndQuery))

That way you don't need to hard-code port numbers.  We'll test this more thoroughly and the fix for this will be included in the next release.

2 0
replied on June 1, 2015

Can't believe I didn't find that when I was digging through the code... Much cleaner than my hack of a workaround. Just tested on my end, and it works. Thanks!

0 0

Replies

replied on June 1, 2015

Hi Scott,
Here may be another solution,


1. Go to login.aspx.vb

2. Search for a line: Response.Redirect("~/CookieCheck.aspx?redirect=" & Server.UrlEncode(Request.Url.AbsoluteUri))

3. Replace it with: Response.Redirect("~/CookieCheck.aspx?redirect=" & Server.UrlEncode(Request.Url.PathAndQuery))

4. Recompile the site

 

Will that fix your issue?

2 0
replied on May 29, 2015

UPDATE:

I'm testing an alternative fix involving a modification to CookieCheck.aspx.vb and recompiling the website. I'll update this post with instructions if I can get this to work properly.

0 0
replied on June 1, 2015

WORKAROUND:

To get around the port change/redirection problem, I found you can do the following:

1. Use MS Visual Studio to open the Web Files\Weblink.vbproj file

2. Open CookieCheck.aspx.vb and add the following line of code just after the "Dim redirect ..." line:

redirect = Replace(redirect, "//server", "//server:2040")

3. Be sure to adjust "server" to your public facing FQDN or IP address you are using.

4. Recompile the site. (This will create an updated Weblink.dll and Weblink.xml in the Web Files\bin folder).

That's it. The port redirection issue should be resolved by that change. This isn't an ideal solution because it is hardcoded and will break if you reconfigure your networking to use a different IP/FQDN or port. I could not find the code that was actually constructing the URL Query Parameter "redirect" that gets sent to CookieCheck.aspx, which would have given more insight into the problem. I also could not find the code or IIS settings that send all incoming requests to CookieCheck.aspx first. Either of those two things may lead to a better fix if someone else knows where to find them? Does anyone from Laserfiche have input on this?

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...