405: Method Not Allowed

Luis Carlos Chavarría picture Luis Carlos Chavarría · Feb 3, 2011 · Viewed 11.3k times · Source

EDIT: Summary: It seems that my web app can be accessed by anyone (only firefox or chrome) and by me using my main computer. If i try to access http://luiscarlosch.com/WebFormClean.aspx from any other of my LAN it gets a 405 error

I can perfectly call a WCF web method from localhost. I published to this server: http://luiscarlosch.com/WebFormClean.aspx (only firefox or chrome) with the Visual Studio publishing tool and it works fine. The problem is when a try to access it from another computer. I get the 405: Method Not Allowed. But It doest make sense because It works fine when i access it remotely from the publisher computer as I said. Any idea?

[ServiceContract(Namespace = "")]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
public class ContactProxy
{
    [WebGet()]
    [OperationContract]
    public Contact getByID(int IDContact)
    {
        Contact contact = new Contact(IDContact);
        return contact;
    }
    [OperationContract]
    public EntityData insertEntityData(int IDEntityDataFieldType, int IDContact, String value)
    {
        //Contact contact = new Contact();
       // contact.insertEntityData(IDEntityDataFieldType, IDContact, value);
        EntityData entityData = new EntityData();
        entityData.save(IDEntityDataFieldType, IDContact, value);

        return entityData;
    }
}

Neither method seems to work.

I just noticed some user were able to access http://luiscarlosch.com/WebFormClean.aspx because they change the values. So. some clients can read the methods but some cant. This should be happening.

Web Config

<?xml version="1.0"?>

<configuration>
  <configSections>
  </configSections>
  <connectionStrings>
    <add name="ApplicationServices"
         connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true"
         providerName="System.Data.SqlClient" />
  </connectionStrings>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
    <customErrors mode="Off"/>
    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login.aspx" timeout="2880" />
    </authentication>
    <membership>
      <providers>
        <clear/>
        <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices"
             enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
             maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
             applicationName="/" />
      </providers>
    </membership>
    <profile>
      <providers>
        <clear/>
        <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
      </providers>
    </profile>
    <roleManager enabled="false">
      <providers>
        <clear/>
        <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" />
        <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" />
      </providers>
    </roleManager>
  </system.web>
  <system.webServer>
     <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior name="MyServiceTypeBehaviors" >
          <serviceMetadata httpGetEnabled="true" />
        </behavior>
      </serviceBehaviors>
      <endpointBehaviors>
        <behavior name="WebApplicationTest.WCFProxy.EmployeeProxyAspNetAjaxBehavior">
          <enableWebScript />
        </behavior>
        <behavior name="WebApplicationTest.WCFProxy.EntityDataFieldCollectionProxyAspNetAjaxBehavior">
          <enableWebScript />
        </behavior>
        <behavior name="WebApplicationTest.WCFProxy.Service1AspNetAjaxBehavior">
          <enableWebScript />
        </behavior>
        <behavior name="WebApplicationTest.WCFProxy.ContactProxyAspNetAjaxBehavior">
          <enableWebScript />
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true"
      multipleSiteBindingsEnabled="true" />
    <services>
      <service name="WebApplicationTest.WCFProxy.EmployeeProxy"  behaviorConfiguration="MyServiceTypeBehaviors" >
        <endpoint address="" behaviorConfiguration="WebApplicationTest.WCFProxy.EmployeeProxyAspNetAjaxBehavior"
          binding="webHttpBinding" contract="WebApplicationTest.WCFProxy.EmployeeProxy" />
        <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
      </service>
      <service name="WebApplicationTest.WCFProxy.EntityDataFieldCollectionProxy"  behaviorConfiguration="MyServiceTypeBehaviors" >
        <endpoint address="" behaviorConfiguration="WebApplicationTest.WCFProxy.EntityDataFieldCollectionProxyAspNetAjaxBehavior"
          binding="webHttpBinding" contract="WebApplicationTest.WCFProxy.EntityDataFieldCollectionProxy" />
        <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
      </service>
      <service name="WebApplicationTest.WCFProxy.Service1">
        <endpoint address="" behaviorConfiguration="WebApplicationTest.WCFProxy.Service1AspNetAjaxBehavior"
          binding="webHttpBinding" contract="WebApplicationTest.WCFProxy.Service1" />
      </service>
      <service name="WebApplicationTest.WCFProxy.ContactProxy" behaviorConfiguration="MyServiceTypeBehaviors" ><!--new-->
        <endpoint address="" behaviorConfiguration="WebApplicationTest.WCFProxy.ContactProxyAspNetAjaxBehavior"
          binding="webHttpBinding" contract="WebApplicationTest.WCFProxy.ContactProxy" />
        <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
      </service>
    </services>
    <bindings />
    <client />
  </system.serviceModel>
</configuration>

Answer

Francesco Milani picture Francesco Milani · Jan 27, 2014

In order to allow cross domain ajax call you need

1) first to configure your web server to allow origins and Headers 2) allow methods used to make the request

It's seems that you have accomplished the first point and maybe for the second you just need to change:

[WebGet()]

to:

[WebInvoke(Method = "*")]
  • because although you perform a POST or GET request. Chrome and Firefox always send OPTIONS