I want to implement the recently approved PATCH HTTP verb in a RESTful service implemented with ASP MVC 3. I have added the following settings in the web.config file.
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="PATCHVerbHandler" path="*" verb="PATCH" modules="ProtocolSupportModule" requireAccess="None" />
</handlers>
<security>
<requestFiltering>
<verbs>
<add verb="PATCH" allowed="true" />
</verbs>
</requestFiltering>
</security>
</system.webServer>
</configuration>
The action method is decorated with the AcceptVerbs("PATCH")
attribute.
The service works properly with the PATCH verb. The URL gets routed to the right action method and returns the proper data.
The strange issue is if I using a different URL that does not match any routes using the PATCH verb, IIS returns "200 OK" instead of "404 Not Found". All the standard verbs (GET, PUT, DELETE, POST, HEAD, OPTIONS) do not have this problem.
Do I need to register additional handlers for the PATCH verb or is it a routing issue? Any help is appreciated.
HTTP verbs tell the server what to do with the data identified by the URL. The HTTP method is supplied in the request line and specifies the operation that the client has requested. HTTP Verbs. HTTP verbs tell the server what to do with the data identified by the URL.
If the Web site does not already have a Web.config file, create one under the root of the site. The code registers the module with the class name and the module name of HelloWorldModule. The process for registering a module in IIS 7.0 Integrated mode is slightly different than the process for IIS 7.0 Classic mode.
After you have created the HelloWorldModule class, you register the module by creating an entry in the Web.config file. Registering the HTTP module enables it to subscribe to request-pipeline notifications. In IIS 7.0, an application can run in either Classic or Integrated mode.
When request filtering blocks an HTTP request because of a denied HTTP verb, IIS 7 will return an HTTP 404 error to the client and log the following HTTP status with a unique substatus that identifies the reason that the request was denied: This substatus allows Web administrators to analyze their IIS logs and identify potential threats.
In the Request Filtering pane, click the HTTP verbs tab, and then click Deny Verb... in the Actions pane. In the Deny Verb dialog box, enter the HTTP verb that you wish to block, and then click OK. For example, to prevent HTTP TRACE requests to your server, you would enter "TRACE" in the dialog box. Required Boolean attribute.
You don't actually need a custom handler to process HTTP requests made with the PATCH verb; instead, you may want to keep decorating your actions with the AcceptVerbs("PATCH")
attribute while checking that the ASP.NET ISAPI is configured to handle any verb (it is the default), including PATCH.
If you have to handle this kind of requests using a custom module, by the way, please keep in mind that it is the responsibility of the handler itself to set the status code for each request (including the ones it should handle, according to the mapping, but it can't for whatever reason) and maybe it is not setting the correct value upon finishing.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With