IIS7 and ARR as reverse proxy for Subversion

前端 未结 2 1051
轮回少年
轮回少年 2021-02-04 13:10

I am using IIS7 and the Application Request Routing extension to act as a reverse proxy to Subversion running on Apache.

The proxy works fine and I am able to explore t

相关标签:
2条回答
  • 2021-02-04 13:16

    I got it working with my web.config looking like so:

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
        <system.webServer>
            <rewrite>
                <rules>
                    <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                        <match url="(.*)" />
                        <conditions>
                            <add input="{CACHE_URL}" pattern="^(https?)://" />
                        </conditions>
                        <action type="Rewrite" url="{C:1}://localhost:8080/{R:1}" />
                    </rule>
                </rules>
                <outboundRules>
                    <rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
                        <match filterByTags="A, Form, Img" pattern="^http(s)?://localhost:8080/(.*)" />
                        <action type="Rewrite" value="http{R:1}://svn.mysite.com/{R:2}" />
                    </rule>
                    <preConditions>
                        <preCondition name="ResponseIsHtml1">
                            <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
                            <add input="{RESPONSE_CONTENT_ENCODING}" pattern="[^(gzip)]" />
                        </preCondition>
                    </preConditions>
                </outboundRules>
            </rewrite>
            <security>
            <requestFiltering>
              <fileExtensions allowUnlisted="true" applyToWebDAV="true">
                <clear />
              </fileExtensions>
              <verbs allowUnlisted="true" applyToWebDAV="true" />
              <hiddenSegments applyToWebDAV="true">
                <clear />
              </hiddenSegments>
            </requestFiltering>
          </security>
        </system.webServer>
    </configuration>
    
    0 讨论(0)
  • 2021-02-04 13:30

    IIS7 has an applicationHost.config file which has a security section that limits file extensions:

    <requestFiltering>
      <fileExtensions allowUnlisted="true" applyToWebDAV="true">
        <add fileExtension=".cs" allowed="false" />
        <add fileExtension=".csproj" allowed="false" />
        <add fileExtension=".vb" allowed="false" />
        <add fileExtension=".vbproj" allowed="false" />
        ....
      </fileExtensions>
    

    More information:

    http://learn.iis.net/page.aspx/143/how-to-use-request-filtering/

    I added a similar section to my site's web.config and used a <clear /> node to remove all extensions. Now I can serve .cs, .csproj files and others, but I cannot serve .config files yet.

    Edit: Removing the hiddenSection nodes corrected this for web.config files too. Here is my local web.config file:

    <system.webServer>
      <security>
        <requestFiltering>
          <fileExtensions allowUnlisted="true" applyToWebDAV="true">
            <clear />
          </fileExtensions>
          <verbs allowUnlisted="true" applyToWebDAV="true" />
          <hiddenSegments applyToWebDAV="true">
            <clear />
          </hiddenSegments>
        </requestFiltering>
      </security>
    </system.webServer>
    
    0 讨论(0)
提交回复
热议问题