Last post Sep 22, 2010 04:00 PM by benrick
Sep 22, 2010 03:15 PM|MisterZimbu|LINK
Is it safe to still use the RemoteOnly customErrors mode (as long as the custom error still always goes to the same page regardless of error code)? Or does it explicitly have to be set to "on".
Also, redirectMode="ResponseRewrite" explicitly required for 3.5 SP1 and up or can I just leave that empty? If so, does that make 3.5 and less "less secure" beacuse that property wasn't exposed? Or was that mode just the default back then? The issue is
that it's going to be cumbersome to go through all the sites on the server and determine the exact .NET version each one is running.
Sep 22, 2010 04:00 PM|benrick|LINK
You can have remoteOnly as long as you don't have anything inside the custom errors section. No specific handling for 404 or anything else. It should be an empty tag for the custom errors.
From Scott Guthrie's blog
>>>>>>>> Thanks for posting this information Scott. I use this in ASP 2.0, 3.5 and 3.5 SP1 sites: <customErrors mode="RemoteOnly" defaultRedirect="Issue.htm" /> I am explicitly stating the defaultRedirect but the mode is not "On"
RemoteOnly will also work fine.