Web Debug

Fix broken web applications, from servers to clients.

How to Capture WinHttp trace

Since  there are multiple ways to gather this in the Windows 2008 and 2008R2 I thought this might be helpful to outline this for the different platforms and how to gather this for fellow ARR troubleshooters.

Windows 2008


1. Start the Tracing . From a command prompt run the following command:

netsh winhttp set tracing trace-file-prefix="C:\TEMP\WinHttpLog" level=verbose format=hex state=enabled max-trace-file-size=1048576000


2.Recycle the IIS Application Pool.

3. Reproduce the issue.

4. Stop the Tracing. From a command prompt run the following command:

netsh winhttp set tracing state=disabled


5. Review the trace with Notepad or any Text editor.

NOTE: The Identity of the  IIS application pool will require write access to the  log location  c:\Temp in this example:

This type of tracing is process bitness specific, so if you are looking at a 32 bit process running from 64 bit OS, you need to use: c:\windows\syswow64\cmd.exe, rather than using the regular 64 bit cmd.exe (start a run a cmd.exe)

<!--more-->

Windows 2008 R2

Method 1


This method will output the Winhttp API calls , but not raw data for network communication. From a command prompt run the following command:

1. Start the tracing

netsh winhttp set tracing trace-file-prefix="C:\Temp\Test3" level=verbose format=hex

netsh winhttp set tracing output=file max-trace-file-size=512000 state=enabled


2.Recycle the IIS Application Pool.

3. Reproduce the issue.

4. Stop the Tracing. From a command prompt run the following command:

netsh winhttp set tracing state=disabled


5. Review the trace with Notepad or any Text editor.

NOTE: The Identity of the IIS application pool will require write access to the log location c:\Temp in this example:

This type of tracing is process bitness specific, so if you are looking at a 32 bit process running from 64 bit OS, you need to use: c:\windows\syswow64\cmd.exe, rather than using the regular 64 bit cmd.exe (start a run a cmd.exe)

Method 2


To get the raw data communication at network layer and the Winhttp  Api calls.

1. Start the tracing: From a command prompt run the following command:

netsh trace start scenario=InternetClient capture=yes report=yes

Note the etl file location for example:

Trace File:         C:\Users<your user name>\AppData\Local\Temp\NetTraces\NetTrace.etl


2.Recycle the IIS Application Pool.

3. Reproduce the issue.

4. Stop the tracing: From a command prompt run the following command:

netsh trace stop


5. Read the Trace by opening it in Netmon 3.4.

Method 3


The ETW format for winhttp API is available on windows 2008 R2 and win7 via the Event Viewer

1.  Open event viewer. Go to “View” menu --> make sure “Show Analytic and debug logs” is checked.

2. Open “Applications and Services logs” -- > Open “Microsoft” -- > Open “Windows –> Winhttp –> Diagnostic.

clip_image002

3. Highlight “Diagnostic” under Winhttp tree and right click mouse, then click “enable log”.

4.  Reproduce the issue then you can review the logs.

 

Winhttp Tracing Options for Troubleshooting with Application Request Routing By Richard Marr

Setting up a custom identity of an IIS 6 application pool

Sometime you need to set up a custom identity for IIS6 application pools, but if you directly do that, you may receive the following errors in event log.

Event Type:    Warning
Event Source:    W3SVC
Event Category:    None
Event ID:    1021
Description:
The identity of application pool, 'xxx' is invalid.  If it remains invalid when the first request for the application pool is processed, the application pool will be disabled.  The data field contains the error number.For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
69 05 07 80

Error code 0x80070569 means "Logon failure: the user has not been granted the requested logon type at this computer."

The right approach to setup a custom identity for IIS6 application pool is below,

1. Create the service account and set the password cannot be changed and password never expire.

2. Add the service account to IIS_WPG group.

3. Go to local policy - user rights assignment, add the user to "Log on as a service".

http://blogs.msdn.com/b/friis/archive/2010/10/08/steps-for-setting-up-a-custom-identity-of-an-iis-6-application-pool.aspx

Minifying your CSS and JavaScript for your Website

It's important (and useful!) to send as few bytes of CSS and JS and HTML markup down the wire as possible. It's not just about size, though, it's also about the number of requests to get the bits. In fact, that's often more of a problem then file size.

Validation of viewstate MAC failed

The symptom


View state is a feature in ASP.NET that allows pages to automatically preserve state without relying on server state (for example, session state). However, issues relating to view state can be difficult to debug. In most cases, when problems with view state occur, you receive the following error message in the Web browser, with little indication of what might be causing the issue:

"The viewstate is invalid for this page and might be corrupted"

<!--more-->

Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.

The theory


This section is from http://msdn.microsoft.com/en-us/magazine/ff797918.aspx

The ASP.NET feature to apply a MAC is called EnableViewStateMac, and just like ViewStateEncryptionMode, you can apply it either through a page directive or through the application’s web.config file:

<%@ Page EnableViewStateMac="true" %>



Or





To understand what EnableViewStateMac is really doing under the covers, let’s first take a high-level look at how view state is written to the page when view state MAC is not enabled:

  1. View state for the page and all participating controls is gathered into a state graph object.
  2. The state graph is serialized into a binary format.
  3. The serialized byte array is encoded into a base-64 string.
  4. The base-64 string is written to the _VIEWSTATE form value in the page.


When view state MAC is enabled, there are three additional steps that take place between the previous steps 2 and 3:

  1. View state for the page and all participating controls is gathered into a state graph object.
  2. The state graph is serialized into a binary format.
    a.   A secret key value is appended to the serialized byte array.
    b.   A cryptographic hash is computed for the new serialized byte array.
    c.   The hash is appended to the end of the serialized byte array.
  3. The serialized byte array is encoded into a base-64 string.
  4. The base-64 string is written to the _VIEWSTATE form value in the page.


Whenever this page is posted back to the server, the page code validates the incoming _VIEWSTATE by taking the incoming state graph data (deserialized from the _VIEWSTATE value), adding the same secret key value, and recomputing the hash value. If the new recomputed hash value matches the hash value supplied at the end of the incoming _VIEWSTATE, the view state is considered valid and processing proceeds. Otherwise, the view state is considered to have been tampered with and an exception is thrown.

<img title="Figure 3 Applying a Message Authentication Code (MAC)" src="http://i.msdn.microsoft.com/ff797918.SullivanFigure3hires%28en-us,MSDN.10%29.png" alt="" align="Middle" />

Applying a Message Authentication Code (MAC)

The security of this system lies in the secrecy of the secret key value. This value is always stored on the server, either in memory or in a configuration file (more on this later)—it is never written to the page. Without knowing the key, there would be no way for an attacker to compute a valid view state hash.

The configuration


The ValidationKey property is used when enableViewStateMAC is true to create a message authentication code (MAC) to enable ASP.NET to determine whether view state has been tampered with. The ValidationKey property is also used to generate out-of-process, application-specific session IDs to ensure that session state variables are isolated between applications.

Use the "AutoGenerate" option to specify that ASP.NET generates a random key and stores it in the Local Security Authority. The "AutoGenerate" option is part of the default value.

If you add the "IsolateApps" modifier to the "AutoGenerate" ValidationKey value, ASP.NET generates a unique encrypted key for each application by using each application's AppDomainAppVirtualPath. This is the default setting.

If you add the "IsolateByAppId" modifier to the "AutoGenerate" ValidationKey value, ASP.NET generates a unique encrypted key for each application by using each application's AppDomainAppId. If two distinct applications share a virtual path (perhaps because those applications are running on different ports), this flag can be used to further distinguish them from one another. The “IsolateByAppId” flag is understood only by ASP.NET 4.5, but it can be used regardless of the MachineKeySection.CompatibilityMode setting.

If you need to support configuration across a network of Web servers (a Web farm), set the ValidationKey property manually to ensure consistent configuration.

This property is typically set declaratively in the validationKey attribute of the machineKey element of the Web.config file.

For more information about the machineKey configuration, refer to <a title="How To: Configure MachineKey in ASP.NET 2.0" href="http://msdn.microsoft.com/en-us/library/ms998288.aspx" target="blank">http://msdn.microsoft.com/en-us/library/ms998288.aspx

The tools


Fiddler has build-in Text-Wizard to decode the base64 encoded view state string. You can go to Inspectors - WebForms - Right click ViewState in body listview - Choose Send to Text-Wizard

Another online ViewState decoder: http://ignatu.co.uk/ViewStateDecoder.aspx

Reference

Understanding ASP.NET View State


http://msdn.microsoft.com/library/ms972976.aspx

View State Security

http://msdn.microsoft.com/en-us/magazine/ff797918.aspx

How To: Configure MachineKey in ASP.NET 2.0

http://msdn.microsoft.com/en-us/library/ms998288.aspx

Troubleshooting the "View state is invalid" error with ASP.NET

http://support.microsoft.com/kb/829743

Validation of viewstate MAC failed after installing .NET 3.5 SP1

http://blogs.msdn.com/b/tess/archive/2009/04/14/validation-of-viewstate-mac-failed-after-installing-net-3-5-sp1.aspx

 

Playing videos in HTML

Videos can be played in HTML by many different methods.

http://www.w3schools.com/html/html_videos.asp

The easiest way to play videos (others or your own) in HTML is to use YouTube.

http://www.w3schools.com/html/html_youtube.asp

YouTube iFrame
[html]

[/html]

YouTube Embedded
[html]
width="420" height="345"
src="http://www.youtube.com/v/XGSy3_Czz8k"
type="application/x-shockwave-flash">

[/html]

Video js is a another choice to play video online

http://www.videojs.com/

Use Video.JS
In the :

[html]

rel="stylesheet">

[/html]

In the :

[html]

[/html]

Fork me on GitHub