Vulnerability in EPiServer.Forms
I have an EPiServer web application that I am running which has a CMS controlled 404 page. I have custom errors off and the following in the web.config for httpErrors
There is a flag in the CMS which allows the /404/ CMS error page to send a 404 status code using
Response.StatusCode = 404;
This is all working perfectly well and dancy on my local Windows 10 instance, however when I deploy it to a Windows Server 2012 R2 instance and testing going to a not known URL it takes minutes for the page to load as I think it's getting in some sort of loop.
Any ideas as to the difference, I know there's some settings around the applicationHosts for SkippingIIs errors, does anyone know how to get it to work?
FYI, I'm about to write a blog post about error handling in Episerver/MVC. Basically a follow-up to my post how to handle it in Webforms http://dodavinkeln.se/post/how-to-create-an-editable-404-page
Cool, I know there's many other ways of doing it should as handling the routing yourself but this way should work and I've done this many times before I'm stuck trying to figure out why different versions of IIS are handling it different when IIS 7.5+ should handle it the same way
I've put error logging in and it's nothing to do with redirection. Local the 404 page hits instantly but on the servers it take about 2-3 minutes to complete but it does it it, there are no more than a single hit of the 404 page hit unless IIS is redirecting in a weird loop before hitting the controller for the 404 page. Might need some IIS tracing on