I have a simple form that posts to an HttpPost action method, which returns its corresponding view. My issue is that I’m getting a 404 Not Found error. Oddly enough, if I change the form method and the attribute on the action method to a GET, then it works and the TestMethod view is displayed.
It seems I’m missing something for using POST, but my posts in other controllers work fine (e.g. account login and registration). Note the AllowAnonymous attribute is a custom attribute to be able to specify the controllers or actions that allow anonymous access, as opposed to specifying (via the Authorize attr) the controllers or actions that require authorization. I guess nothing is impossible, but I don’t think that has anything to do with my issue. Any thoughts on what is wrong?
FORM:
@using (Html.BeginForm("TestMethod", "Test", FormMethod.Post, new { @id = "testForm" })) {
<fieldset>
<legend>Test Form</legend>
<input type="submit" value="Submit" />
</fieldset>
}
CONTROLLER ACTION:
[AllowAnonymous]
[HttpPost]
public ActionResult TestMethod() {
return View();
}
VIEW:
<h2>TestMethod</h2>
<p>HttpPost method was successful.</p>
REGISTER ROUTES METHOD FROM Global.asax.cs:
public static void RegisterRoutes(RouteCollection routes) {
routes.IgnoreRoute("favicon.ico");
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
// About
routes.MapRoute(
"About", // Route name
"about", // URL with parameters
new { controller = "Home", action = "About" } // Parameter defaults
);
// Faq
routes.MapRoute(
"Faq", // Route name
"faq", // URL with parameters
new { controller = "Home", action = "Faq" } // Parameter defaults
);
// Glossary
routes.MapRoute(
"Glossary", // Route name
"glossary", // URL with parameters
new { controller = "Home", action = "Glossary" } // Parameter defaults
);
// Register
routes.MapRoute(
"Register", // Route name
"register", // URL with parameters
new { controller = "Account", action = "Register" } // Parameter defaults
);
// LogIn
routes.MapRoute(
"LogIn", // Route name
"login/{id}", // URL with parameters
new { controller = "Account", action = "LogOn", id = UrlParameter.Optional } // Parameter defaults
);
routes.MapRoute(
"LogOn", // Route name
"logon/{id}", // URL with parameters
new { controller = "Account", action = "LogOn", id = UrlParameter.Optional } // Parameter defaults
);
// Default
routes.MapRoute(
"Default", // Route name
"{controller}/{action}/{id}", // URL with parameters
new { controller = "Home", action = "Index", id = UrlParameter.Optional } // Parameter defaults
);
}
AUTHORIZE ATTRIBUTE CODE:
// AllowAnonymousAttribute class
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
public sealed class AllowAnonymousAttribute : Attribute { }
// GlobalAuthorize class
public sealed class GlobalAuthorize : AuthorizeAttribute {
public override void OnAuthorization(AuthorizationContext filterContext) {
bool skipAuthorization =
filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) ||
filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true);
if (!skipAuthorization) base.OnAuthorization(filterContext);
}
}
// RedirectAuthorizeAttribute class
public class RedirectAuthorizeAttribute : AuthorizeAttribute {
public string RedirectUrl { get; set; }
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) {
filterContext.Result = new RedirectResult(RedirectUrl);
}
}
GLOBAL FILTERS:
public static void RegisterGlobalFilters(GlobalFilterCollection filters) {
filters.Add(new RequireHttpsAttribute());
filters.Add(new GlobalAuthorize());
filters.Add(new HandleErrorAttribute());
}
ROUTE REWRITING RULES:
<rewrite>
<rules>
<!-- Block all requests made to a website that do not have the host header set. -->
<rule name="Fail bad requests" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_HOST}" pattern="localhost" negate="true" />
</conditions>
<action type="AbortRequest" />
</rule>
<!-- Remove trailing slash from all incoming requests. -->
<rule name="Remove trailing slash" stopProcessing="false">
<match url="(.*)/$" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="{R:1}" />
</rule>
<!-- Convert all requests to all lowercase. -->
<rule name="Convert to lowercase" stopProcessing="false">
<match url=".*[A-Z].*" ignoreCase="false" />
<action type="Redirect" url="{ToLower:{R:0}}" redirectType="Permanent" />
</rule>
<!-- Any URL with (HTTPS == OFF) and (HTTP_HOST with colon) -> use for development testing. -->
<rule name="Development redirect to HTTPS" enabled="true" stopProcessing="true">
<match url=".*" ignoreCase="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{HTTP_HOST}" pattern="([^/:]*?):[^/]*?" />
</conditions>
<action type="Redirect" url="https://{C:1}:44300{URL}" />
</rule>
<!-- Redirect any HTTP request to HTTPS. -->
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
I think I finally found the culprit. First of all, I’ll concede that, knowing now what the issue was, the title of this question isn’t very accurate. The problem mostly dealt with a rule rewrite in Web.config. Until responding to others’ comments for this question, I had completely forgotten about the rule rewrites, which is why I hadn’t checked them out further to begin with.
Anyway, the issue was a rule that rewrote URLs to all lowercase. I knew my account registration and login forms were working fine, so I checked them out and noticed that their
Html.BeginFormstatements were parameterless, which, evidently results in a lowercase url being generated. I tried parameterless POST request for my test method, and it worked. Then, I tried using parameters for action and controller in theHtml.BeginFormstatement, but this time I entered them as lowercase strings:Html.BeginForm("testmethod", "test"...). Sure enough, it, too, worked just fine, and the page source showed the form action as lowercase.To fix my problem, I just had to set a condition to not match
POSTrequests:<add input="{REQUEST_METHOD}" matchType="Pattern" pattern="POST" negate="true" />. Note that the issue was not the lowercase rule specifically, but rather that thePOSTrequest was being redirected. I found one blog that discusses the issue ofPOSTredirects being converted toGETs and resulting in errors, which is exaclty what I was experiencing. It’s a couple years old, but apparently it’s still pertinent info.At any rate, I’m now back up and running. Thanks to all who threw in their two cents.
P.S. As I’m closing browser tabs and concluding my search, I figured I’d link to this SO question, as it is definitely related to my issue.