16

(I'm new to .Net and the Microsoft world in general, coming from a Java and Tomcat background, so please bear that in mind.)

I'm working on my first .Net application, using Visual Studio 2013, C#, .Net 4.5, MVC 5, and EF 6. It's a fairly simple web-based application, using Windows authentication and Active Directory groups for authorization to do fairly basic CRUD operations on a table in a SQL Server database.

I haven't deployed the application yet. I'm still developing it and testing it out on my PC (running Windows 7). When I hit Ctrl-F5 to test out the application in Internet Explorer or in Google Chrome, everything works fine.

However, if I tell Visual Studio to access it in Firefox instead, it displays the page WITHOUT any CSS or JavaScript. I can click links within the application and navigate to the various pages, which all work fine. They're just displayed without any CSS or working JavaScript. When I manually try to view one of the CSS or JavaScript files, I get an internal server error (HTTP Error 500). Checking the log file shows a status code 500 for each of the CSS and JavaScript files the page was trying to load.

I'm mystified, because it works fine from Internet Explorer and from Chrome. How could using a different web browser cause this internal server error?

I'd post some of the code, but at this point I've no idea what would be useful to see. (I could show what sort of additional information IIS Express is logging, if any, but I'm not sure where to find that, other than the line that shows the status code 500.)

At some point fairly early in development, I realized that I had named some database field "version" when I wanted it to be named "Version" (capitalized). I did a global find/replace in the entire solution on that string, rather than doing a rename of the field. It's possible that something important was borked by that process, but I've done a global find on "Version" (and on "version") and haven't found anything of note.

If I absolutely have to, I'll probably just re-create the project from scratch and hope that I don't copy/paste the same problem (or a new one) into the new project, but I'm hoping someone can come up with something easier to try first.

UPDATE

Here is the start of Views/Shared/_Layout.cshtml:

<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>@ViewBag.Title - Experiment 626</title>
    @Styles.Render("~/Content/css")
    @Scripts.Render("~/bundles/modernizr")
</head>

Here is App_Start\BundleConfig.cs:

using System.Web;
using System.Web.Optimization;

namespace Experiment626
{
    public class BundleConfig
    {
        // For more information on bundling, visit http://go.microsoft.com/fwlink/?LinkId=301862
        public static void RegisterBundles(BundleCollection bundles)
        {
            bundles.Add(new ScriptBundle("~/bundles/jquery").Include(
                        "~/Scripts/jquery-{version}.js"));

            bundles.Add(new ScriptBundle("~/bundles/jqueryval").Include(
                        "~/Scripts/jquery.validate.min.js",
                        "~/Scripts/jquery.validate.unobtrusive.min.js"));

            // Use the development version of Modernizr to develop with and learn from. Then, when you're
            // ready for production, use the build tool at http://modernizr.com to pick only the tests you need.
            bundles.Add(new ScriptBundle("~/bundles/modernizr").Include(
                        "~/Scripts/modernizr-*"));

            bundles.Add(new ScriptBundle("~/bundles/bootstrap").Include(
                      "~/Scripts/bootstrap.js",
                      "~/Scripts/respond.js"));

            bundles.Add(new StyleBundle("~/Content/css").Include(
                      "~/Content/bootstrap-theme.css",
                      "~/Content/site.css"));
        }
    }
}

UPDATE

Looking in Firebug, for each CSS or JavaScript file, the request and response headers look like this:

Request Header

GET /Content/site.css HTTP/1.1
Host: localhost:6365
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Referer: http://localhost:6365/
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response Header

HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.0
X-SourceFiles: =?UTF-8?B?QzpcVXNlcnNcV2FsbHkuSGFydHNob3JuXFZpc3VhbCBTdHVkaW8gMjAxM1xQcm9qZWN0c1xFeHBlcmltZW50NjI2XEV4cGVyaW1lbnQ2MjZcQ29udGVudFxzaXRlLmNzcw==?=
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Tue, 25 Feb 2014 21:13:50 GMT
Content-Length: 5870

UPDATE

For comparison, here is the request header when using Chrome:

Accept:text/css,*/*;q=0.1
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:no-cache
Connection:keep-alive
Host:localhost:6365
Pragma:no-cache
Referer:http://localhost:6365/
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36

UPDATE

In the default error page displayed by IIS, there is a Detailed Error Information section, which contains this:

Module          IIS Web Core
Notification    AuthenticateRequest
Handler         StaticFile
Error Code      0x80070542
Requested URL   http://localhost:6365/Content/site.css
Physical Path   C:\Users\Wally.Hartshorn\Visual Studio 2013\Projects\Experiment626\Experiment626\Content\site.css
Logon Method   NTLM
Logon User     SOMEDOMAIN\Wally.Hartshorn
Request Tracing Directory   \\something.domain.com\SPIUsers1\Wally.Hartshorn\IISExpress\TraceLogFiles\EXPERIMENT626

I still have been unable to figure out how to view the actual exception that is thrown to trigger the status code 500.

UPDATE

Researching that error code, I found that it apparently means "Either a required impersonation level was not provided, or the provided impersonation level is invalid." I'm guessing that there is something about the way Firefox handles authentication that is different than the way Internet Explorer and Google Chrome, but I've no idea yet how to fix that.

UPDATE

As an experiment, I created a brand new ASP.NET MVC project in Visual Studio 2013, selecting Windows Authentication. Then, without making ANY changes to this brand new solution, I hit Ctrl-F5 to build it and open the default Home page in Firefox. I get the exact same error in the untouched project -- HTTP Server Error 500.0, with an error code of 0x80070542, indicating "Either a required impersonation level was not provided, or the provided impersonation level is invalid."

So apparently it has nothing to do with my code, but instead is a basic problem with how my Visual Studio 2013, IIS Express, and/or Windows 7 are configured.

I'm stumped.

Meryovi
  • 6,121
  • 5
  • 42
  • 65
Wally Hartshorn
  • 905
  • 2
  • 9
  • 25
  • can you post the layout header, or where you render the scripts? – Jonesopolis Feb 25 '14 at 20:17
  • Have you tried to debug? Or at least looking in event viewer (500 is exception and by default will be logged as event, unless you have some custom error logging configuration). – Alexei Levenkov Feb 25 '14 at 20:28
  • Have you tried `CTRL` + `F5` to force a page reload (on the browser) – Rippo Feb 25 '14 at 20:34
  • what does the firefox console say? – Jonesopolis Feb 25 '14 at 20:44
  • I have tried CTRL + F5, and even a cold reboot of the machine. I've also tried clearing the cache, etc. No change. Thanks for the suggestion, though. – Wally Hartshorn Feb 25 '14 at 21:28
  • I've looked in the event viewer, but don't see anything there. I've found something in my searching that indicates that .NET MVC applications don't necessarily log all errors in the event viewer unless you enable them, so I'm investigating that now. – Wally Hartshorn Feb 25 '14 at 21:31
  • Can you check the header for a Chrome or IE request also? – Simon C Feb 26 '14 at 01:02
  • What is the actual error? What happens if you navigate to `http://localhost:6365/Content/site.css` directly? – Rippo Feb 26 '14 at 06:27
  • Alexei, I can't figure out how to debug this, because none of my code executes in response to a request for a CSS file. I tried running it in debug mode anyway (F5), in case it would break and show me something when the error was triggered, but it didn't. – Wally Hartshorn Feb 26 '14 at 15:07
  • SimonC, I checked the request headers for Chrome and they are pretty much the same as those for Firefox. The only significant different was the DNT (Do Not Track) header that Firefox was sending, which I didn't have enabled in Chrome. I disabled the Do Not Track feature in Firefox and tried it again, but it didn't make any difference. I've posted the full Chrome request header at the end of the original message. – Wally Hartshorn Feb 26 '14 at 15:10
  • Rippo, if I directly navigate to `http://localhost:6365/Content/site.css`, I get the same result -- Internal Server Error (HTTP status code 500.0). All I see in my browser is the default error page. I'll post the Detailed Error Information in an update above. – Wally Hartshorn Feb 26 '14 at 15:16
  • 1
    Have you seen this post? http://stackoverflow.com/questions/847304/integrated-windows-authentication-in-firefox?rq=1 Here is another potentially helpful question answer: http://superuser.com/questions/594049/how-to-enable-ntlm-for-all-intranet-sites-in-firefox – G_P Feb 26 '14 at 20:16
  • Thanks, G_P. It looks like that's the key -- Firefox doesn't enable Windows Integrated Authentication by default. Enabling it fixes the problem. It's not exactly the solution that I would prefer, but at least it works. I'm not sure how practical it will be to go production like this, though, as we would have to tell any of our employees who are using Firefox to go into about:config and edit network.automatic-ntlm-auth.trusted-uris. Not exactly user-friendly. I'm going to have to think about this. Thanks again for your help! – Wally Hartshorn Feb 26 '14 at 21:08

2 Answers2

34

G_P pointed me to the solution to my problem. The root cause apparently is that Firefox does not by default work with Windows Integrated Authentication, unless the site is trusted.

To enable Windows Integrated Authentication in Firefox:

  1. Enter about:config in the address bar.
  2. Acknowledge the scary warning message.
  3. In the search bar, enter network.automatic.
  4. Double-click on network.automatic-ntlm-auth.trusted-uris.
  5. Enter the URL of the server, e.g. localhost or mycompany.com.

After that it works fine.

Unfortunately, this would mean instructing everyone in the company who wanted to access the application using Firefox that they would have to make this change (or else the IT department would have to figure out a way to do it). In this particular application, that's not a big deal, because the number of users will be quite small. For a later application, I'll probably have to figure out something else. (Perhaps I should be looking into Windows Identity Foundation? Sounds a bit scary, though.)

In any case, I'm going to call this "good enough for now" and move on with my life. Thanks very much to everyone who helped me!

P.S. Two pages with potentially useful information:

Wally Hartshorn
  • 905
  • 2
  • 9
  • 25
  • 1
    I wonder if nobody else uses Firefox with .NET and Integrated Authentication... Thanks! This has been really useful! – Meryovi May 01 '14 at 13:36
  • Something akin to removing all the wheels from my car to complete my oil change, but your steps worked. Thanks, FireFox!!! :) Thanks for answering with specific details of typing in NavBar, that part confused me on another answer. – raddevus Jul 29 '15 at 19:16
  • u saved my life in 2022 – Zied R. Feb 22 '22 at 17:31
-1

You have a cookie created on the previous Browser you were testing which doesn't exits on firefox. I really doubt if the problem has anything to do with firefox.

user3311522
  • 1,638
  • 3
  • 19
  • 33