How do I enable HTTP PUT and DELETE for ASP.NET MVC in IIS?
C#asp.net Mvc-3Iis 7.5Http PutHttp DeleteC# Problem Overview
I use HTTP PUT
and DELETE
in my ASP.NET MVC3 application. When I run it in local, every thing works correctly; But when I publish the application to the server, these methods do not work.
Are there any special settings for enable a web server to support PUT
and DELETE
requests? I'm using shared hosting with IIS 7.5.
UPDATE:
I enable PUT
and DELETE
requests in IIS manager
. PUT
command work fine. But DELETE
still not works. I create requests by jQuery
:
I'm in this page:
http://domain.com/dashboard/edit-site/103323/links/
and my ajax call is:
$.ajax({
// url: same as page-url,
cache: false,
type: 'DELETE',
data: { linkid: $(link).data("linkid") },
beforeSend: function () {
// doing something in UI
},
complete: function () {
// doing something in UI
},
success: function (data) {
// doing something in UI
},
error: function () {
// doing something in UI
}
});
This will create a request like this:
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://domain.com
Referer: http://domain.com/dashboard/edit-site/103323/links/
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.89 Safari/537.1
X-Requested-With: XMLHttpRequest
With this Form Data
:
linkid:104044
C# Solutions
Solution 1 - C#
Go to Handler Mappings in your IIS Manager. Find ExtensionlessUrlHandler-Integrated-4.0
, double click it. Click Request Restrictions... button and on Verbs tab, add both DELETE
and PUT
.
EDIT: Possible WebDav Publisher issue
You've mention on a deleted post you were running on a 2008 server right? Try removing webDav role, or disable it from your site config
: on system.webServer
-> modules
section, remove WebDAVModule
module:
<system.webServer>
<modules>
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
</system.webServer>
Solution 2 - C#
If you are getting following error in your production environment in the asp.net web api on PUT
or DELETE
though these methods are working fine locally.
> 405 - http verb used to access this page is not allowed.
Just add following settings in your server's web.config
<system.webServer>
<handlers>
<remove name="WebDAV" />
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
<modules>
<remove name="WebDAVModule" />
</modules>
</system.webServer>
Cause: webDAV module blocks PUT/DELETE methods by default. So first remove this module and its handler. We first remove any existing ExtensionlessUrlHandler-Integrated-4.0 settings and add it with desired path
and verbs
.
Solution 3 - C#
You just need to add the following lines of code in your web.config
<system.webServer>
<security>
<requestFiltering>
<verbs allowUnlisted="false">
<add verb="GET" allowed="true" />
<add verb="POST" allowed="true" />
<add verb="DELETE" allowed="true" />
<add verb="PUT" allowed="true" />
</verbs>
</requestFiltering>
</security>
AND
<modules>
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
Solution 4 - C#
Finally I find the answer fluky. I changed the jQuery call to tho below and it's working well now.
$.ajax({
url: this.href + "?linkid=" + $(link).data("linkid"),
cache: false,
type: 'DELETE',
// data: { linkid: $(link).data("linkid") },
beforeSend: function () {
// doing something in UI
},
complete: function () {
// doing something in UI
},
success: function (data) {
// doing something in UI
},
error: function () {
// doing something in UI
}
});
Do you have any explanation why a DELETE
call, can't have Form Data
? While on local it had and worked fine?
Solution 5 - C#
I have met the same issue. You guys only access on server deploy API and uninstall WebDAV and it done. You can reference this
https://achrafbenalaya.com/2020/10/17/405-method-not-allowed-in-iis/
Solution 6 - C#
The proper way to do it is to figure out the real blocker and then remove this source instead of guessing around. Please check this how here: https://stackoverflow.com/a/70530342/592651