ASP. NET MVC httpverbs.delete/put Routes not firing

Original address: Https://weblog.west-wind.com/posts/2015/Apr/09/ASPNET-MVC-HttpVerbsDeletePut-Routes-not-firing?utm_source =tuicool&utm_medium=referral

Domestic: Http://www.tuicool.com/articles/Zv2EbmY

A few times in the last weeks I ' ve run to a problem where I found that DELETE operations would isn't fire in ASP C Ontrollers. I ' ve been building APIs mostly with Web API until recently, but started using MVC instead with current projects in light O F VNext which essentially uses the MVC model for ' APIs '. And I ran into trouble each time with a PUT and DELETE verbs not firing.

What ' s the problem?

To demonstrate here's a simple action method on an MVC controller, uses Attribute routing for a delete operation:

[Route ("Albums/{id}")][acceptverbs (httpverbs.delete)] PublicActionResult Deletealbum (intID) {    varAlbumbus =Newalbumbusiness (); if(!albumbus.delete (ID, saveChanges:true, UseTransaction:true))        Throw NewCallbackexception ("couldn ' t delete album:"+albumbus.errormessage); returnJson (true, Jsonrequestbehavior.allowget);}

When this route was fired I ' m getting a 404 error from Iis–it's not finding the route. However, if I change the route to a httpverbs.get it runs just fine.

What's the heck is happening here?

Missing Verbs on Extensionlessurlhandler

The main culprit is the Extensionlessurlhandler Http Handler that's responsible for handling MVC ' s Controller and Attribute routing. The default entry for this handler are defined in ApplicationHost.config doesn ' t include the DELETE or PUT verb.

Here's what ' s in my applicationhost.config which determines the default handler settings:

<add name="extensionlessurlhandler-integrated-4.0"Path="*."verb="Get,head,post,debug"type="System.Web.Handlers.TransferRequestHandler"Precondition="integratedmode,runtimeversionv4.0"Responsebufferlimit="0"/>

Note that PUT and DELETE is not among the supported verbs.

To fix this can add the following to your application ' s web. config file:

<configuration> <system.webServer> "extensionlessurlhandler-integrated-4.0"/> <add name="extensionlessurlhandler-integrated-4.0"Path="*."verb="get,head,post,debug,put,delete,options"type="System.Web.Handlers.TransferRequestHandler"Precondition="integratedmode,runtimeversionv4.0"/> 
And voila, PUT and DELETE now work. yay!
ASP. NET MVC doesn ' t, Web API does
It's interesting to note, the problem above applies specifically to ASP projects. When you create a new MVC project there ' s no custom handler registration made. So-for-MVC project or any project other than a API project you'll have a manually add the Handler–even if you add WebA PI features later.
If you create an ASP. WebAPI project You do get the following in the default Web. config created by the new project Temp Late:
<system.webServer> "extensionlessurlhandler-integrated-4.0"/> <add name="extensionlessurlhandler-integrated-4.0"Path="*."verb="*"type="System.Web.Handlers.TransferRequestHandler"Precondition="integratedmode,runtimeversionv4.0"/> 
For me this is probably the main reason for confusion–i expected it "just work" since I never had an issue with WebA Pi. But clearly different default configuration settings is made for API vs MVC applications (so much for ' one ASP. NET ').
In a-I suppose this makes sense–if you ' re not building API applications PUT and DELETE is unlikely to be something needed, but still it's confusing to has things work sometimes and not others.
Additional Issues:webdav
If you ' re running a MVC application and you run to this issue, most likely the Extensionlessurlhandler is the culprit. However, if that does not resolve the issue, there is a few other things to check:
If you had WebDav installed on your server/site, which causes a more restrictive url/routing rules to be applied including Removing the DELETE verb by default.
< system.webserver > < security > < requestfiltering > < verbs applytowebdav = "false" > <add verb = "DELETE" allowed = "true"
/>
< add verb = "PUT" allowed = "true"/> </verbs > </requestfiltering > </security > </sys Tem.webserver >
If you is using WebDav as part of your application or it's defined at the server root, you can add additional verbs to th e requestfiltering section to explicitly allow the verbs you ' re interested in through.
Alternately if you want to disable WebDav in your specific application:
<system.webServer>  <modules runallmanagedmodulesforallrequests="false" >    <remove name="webdavmodule" />  </modules></ System.webserver>
If you're not using a WebDav as part of your application (but it's defined at the server root) you can just remove the Modul E and the restrictions should actually go away.
ASP. NET MVC httpverbs.delete/put Routes not firing