I am getting the error System.Web.HttpException: Path 'OPTIONS' is forbidden.
since we moved our website over to a new server setup. I am unable to recreate the error but I am receiving emails for this exception at least a few times a day. Any ideas what could be causing this and how I can fix it?
EDIT:
Stack Trace:
at System.Web.HttpMethodNotAllowedHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
There are no directories or files named OPTIONS and I believe all permissions are correct. I am finding some information about a possible link to EXCEL getting data from the webserver, but nothing that full explains how or what is happening yet.
EDIT AGAIN:
Seems this has to do with Excel files opening in Internet Explorer..
OPTION is a verb used by "Microsoft Data Access Internet Publishing Provider Protocol Discovery" (Part of MS Office) to make request when a user opens a URL from inside office applications.
You should be able to re-create the issue by going File>Open in Word/Excel 2003 and above and specifying the full URL of the file. Alternatively by placing a link to an excel file on your server in an office document and clicking it.
You can fix it by adding this to your web.config file with additional lines for each file type:
<httpHandlers>
<add verb="*" path="*.xls" type="System.Web.StaticFileHandler" />
<add verb="*" path="*.xlsx" type="System.Web.StaticFileHandler" />
</httpHandlers>
Are you getting any user error reports or similar. OPTIONS is an http verb that is used to find outthe capabilities of the server. It sounds like your new web server is not configured to allow this verb, probably for security reasons. A normal web request from a browser would not use this verb and it is often used by malware/bots scanning web servers for vulnerabilities to exploit.
When I got this exact error while trying to send an .xls file from an ASP.Net web page, it was because I had omitted the filename extension here:
Response.AddHeader("Content-Disposition", "attachment;filename=" + fileName);
Response.ContentType = "application/vnd.ms-excel";
That fileName
needs to be fileName.xls
This error occurs when you try to open .xls from localhost. In case of IIS, it doesn't throw any error.
You can use
<httpHandlers>
<add verb="*" path="*.xls" type="System.Web.StaticFileHandler" />
<add verb="*" path="*.xlsx" type="System.Web.StaticFileHandler" />
</httpHandlers>
in web.config.
This seems to be working well for me:
<httpHandlers>
<add verb="GET,HEAD,POST" path="*" type="System.Web.DefaultHttpHandler" validate="true"/>
<add verb="OPTIONS" path="*" type="System.Web.StaticFileHandler" />
</httpHandlers>
This is probably permissions on your system. To get a little more detail, the search term to google up is "Path is forbidden" -- the OPTIONS part is a string that is specific to your application.
Better yet, rack your brain a little and try to think of a part of your application that attempts to access a URL or file path with that name.