Vulnerability in EPiServer.Forms
Hi, I'm pretty new to EPiServer and I have been tasked to upgrade an site from EPiServer 8 to EPiServer 11.
I have managed to upgrade all the packages and resolved all conflicts and error messages in the code. However when I run the site using visualstudio and IIS express I just get a "500 - internal service error."
From what I understand from reading about the topic, the 500 error should be caused by a problem in the web.config file and that I should get a more detailed error log in the windows event viewer. However I don't get anything in the eventviewer after testing the site on my work laptop. I managed to get error logs if I use the pre-upgrade version of the site, but not when testing the one with the EPi 11 upgrade. I have also managed to get error logs in the eventviewer when testing the project with the upgrade on other computers than my work laptop.
I need to get these error log to show up in the eventviewer on my work laptop in order to continue working with this project, but how do I do that? Any help would be appreciated.
Have you run clean on the solution on your local environment and after that checked that you 'bin' folder is empty - and if not empty, then delete everything there is in the folder. Also it might be worth deleting everything from your Temporary ASP.NET folder (default location C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files) <- making assumption you are using x64.
Rebuild and try to access the site again..
You should also look at the Episerver logs produced by the site - really depends where you have those configured to.
And also disable friendly errors in web[dot]config file so that you get the actual exception and stack trace to your browser - under system[dot]web section customErrors mode="Off" or mode="RemoteOnly". And then also system[dot]webServer section set httpErrors mode to Detailed or DetailedLocalOnly.
Cleaning the bin folder or deleting asp.net temp didn't do anything, but I got a really useful log in the browser by adding the section customErrors mode="Off" and httpErrors mode="Detailed". Apperantly there were two instances of <add name="ExtensionlessUrlHandler-Integrated-4.0" ... /> without an remove, in the web.config file. I don't know how that happend but maybe something went wrong when web.base.config tried to overwrite it or something. I don't understand either why that error didn't get caught in the eventlogs, but after fixing the error I got back all other error logs in the eventlogs again. It seems that just that specific error doesn't get caught in the eventlogs for some reason.
Thanks again that really helped!