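/// <summary>
/// Application-wide unhandled-error handler: logs the last server error and
/// then either ends the response with a specific 4xx status or redirects to
/// the generic error page.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
/// <remarks>
/// The status code is chosen by comparing the exception message (and the
/// inner exception message) against fixed strings.
/// NOTE(review): those strings are presumably thrown by validation code
/// elsewhere in the application; a dedicated exception type would be less
/// brittle than matching message text - confirm against the throwing code.
/// </remarks>
protected void Application_Error(object sender, EventArgs e)
{
    SecPage LError = new SecPage();
    string ErrorURL = string.Empty;
    Exception ex = Server.GetLastError();

    try
    {
        ErrorURL = HttpContext.Current.Request.Path;

        // IsSessionAvailable and UserName are declared outside this method.
        // Assign both on every call so a value left over from an earlier
        // request can never be attributed to the current one.
        var session = HttpContext.Current.Session;
        bool hasUserInfo = session != null && session["UserInfo"] != null;
        IsSessionAvailable = hasUserInfo;
        UserName = hasUserInfo ? Convert.ToString(session["UserInfo"]) : "";

        if (ex != null)
        {
            // The request path and the exception text can both carry
            // caller-influenced data. Strip CR and LF individually (not only
            // the "\r\n" pair) so neither can break a log record into
            // several lines.
            LError.LogError(
                "Global - " + StripLineBreaks(ErrorURL),
                "Application_Error",
                StripLineBreaks(ex.Message),
                UserName,
                false);
        }
    }
    catch (Exception logFailure)
    {
        // Best effort: a logging failure must not prevent the error response
        // below, but it should not vanish without a trace either.
        System.Diagnostics.Trace.TraceError(
            "Application_Error: failed to log the error: " + StripLineBreaks(logFailure.Message));
    }
    finally
    {
        string message = (ex != null && ex.Message != null) ? ex.Message : string.Empty;
        string innerMessage = (ex != null && ex.InnerException != null && ex.InnerException.Message != null)
            ? ex.InnerException.Message
            : string.Empty;

        // The request path is percent-encoded before it is placed in the
        // query string, so characters such as '&', '#', CR or LF in the path
        // cannot add parameters or alter the header/redirect target.
        // NOTE(review): the error page should still HTML-encode ErrorURL
        // before rendering it - verify in ErrorPage.aspx.
        string errorPageUrl = "~/UI/ErrorPage.aspx?ErrorURL="
            + System.Uri.EscapeDataString(ErrorURL ?? string.Empty);

        if (message == "No GET allowed for a POST")
        {
            EndWithStatus(System.Net.HttpStatusCode.MethodNotAllowed, errorPageUrl);
        }
        else if (message == "Validation of Anti-XSRF token failed."
            || innerMessage == "Validation of Anti-XSRF token failed."
            || innerMessage.Contains("Invalid postback or callback argument."))
        {
            EndWithStatus(System.Net.HttpStatusCode.Forbidden, errorPageUrl);
        }
        else if (innerMessage == "Restricted file upload" || message == "Restricted file upload")
        {
            EndWithStatus(System.Net.HttpStatusCode.NotAcceptable, errorPageUrl);
        }
        else if (innerMessage == "LDAP Injection Identified"
            || message == "LDAP Injection Identified"
            || innerMessage == "Blind SQL Injection Identified"
            || message == "Blind SQL Injection Identified")
        {
            EndWithStatus(System.Net.HttpStatusCode.BadRequest, errorPageUrl);
        }
        else
        {
            // Any other error (or no recorded error): send the user to the
            // generic error page together with the path that failed.
            HttpContext.Current.Server.ClearError();
            HttpContext.Current.Response.Redirect(errorPageUrl, false);
        }
    }
}

/// <summary>
/// Clears the pending server error, sets the response status and a Location
/// header, and ends the response.
/// </summary>
/// <param name="status">HTTP status code to return.</param>
/// <param name="location">Value written to the Location header.</param>
/// <remarks>
/// NOTE(review): the header value is written as given, so an app-relative
/// "~/" prefix is not resolved here, and clients generally do not follow
/// Location on 4xx responses. If a navigation to the error page is intended,
/// this needs a different mechanism - confirm the intent.
/// </remarks>
private static void EndWithStatus(System.Net.HttpStatusCode status, string location)
{
    HttpContext.Current.Server.ClearError();
    HttpContext.Current.Response.StatusCode = (int)status;
    HttpContext.Current.Response.AddHeader("Location", location);
    HttpContext.Current.Response.End();
}

/// <summary>Returns <paramref name="value"/> with every CR and LF removed (empty string for null).</summary>
private static string StripLineBreaks(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }

    return value.Replace("\r", "").Replace("\n", "");
}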