A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More

AI OnAI Off

Unable to load /Find/proxy/ - returns 406 Not acceptable

Kim Gunnarsson
Kim Gunnarsson
Vote:
 

Getting a wierd response from Episerver Find UI; all requests, bot POST and GET to endpoints beginning with /Find/proxy/ returns a 406 (Not acceptable) header. Both in development and production.

Console dump:

GET http://some-site-dev.local/secret-path-ui/Find/proxy/_admin/unifiedweights/?tags=searchtype%3Adefault&dojo.preventCache=1463639710173 406 (Not Acceptable)

{message: "Unable to load /secret-path-ui/Find/proxy/_admin/unifiedwe…fault&dojo.preventCache=1463639710173 status: 406", response: Object, status: 406, responseText: "", xhr: XMLHttpRequest}

GET http://some-site-dev.local/secret-path-ui/Find/proxy/_admin/unifiedweights/?tags=searchtype%3Adefault&dojo.preventCache=1463639710289 406 (Not Acceptable)

POST http://some-site-dev.local/secret-path-ui/Find/proxy/_search 406 (Not Acceptable)
{message: "Unable to load /secret-path-ui/Find/proxy/_search status: 406", response: Object, status: 406, responseText: "", xhr: XMLHttpRequest}

Version list:

  • EPiServer.Find 11.1.6.4396
  • EPiServer.Find.Cms  11.1.6.4396
  • EPiServer.Find.Framework 11.1.6.4396
  • Episerver.CMS.UI 9.6.0
  • Episerver.CMS.UI.Core 9.6.0

Any ideas?

#148632
May 19, 2016 9:08
Daniel Ovaska
Daniel Ovaska
Vote:
 

Turn on full logging on Find on info level and try again and check log4net log files if you see anything...?

#148634
May 19, 2016 9:26
Kim Gunnarsson
Kim Gunnarsson
Vote:
 

The problem had nothing to do with Episerver nor Episerver Find. The project was using header tampering without proper null checks. 

Thanks anyway!

/Kim

#148867
May 25, 2016 13:54
Chuhukon
Chuhukon
Vote:
 

We had the same problem with an Episerver site where ASP.NET Identity is used. We solved it by upgrading the nuget package System.Net.Http with version 4.3.0 to version 4.3.2.

#181070
Aug 08, 2017 9:41
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.