当前位置: 文江博客话题详情

IIS7 和 ARR 作为 Subversion 的反向代理

发布于 2024-08-05 10:35:06 字数 263 浏览 7 评论 0原文

我使用 IIS7 和应用程序请求路由扩展来充当 Apache 上运行的 Subversion 的反向代理。

代理工作正常,我能够探索服务器,甚至执行“签出”。但是,我无法浏览 ASP.NET 通常禁止的文件 - 例如 .cs、.csproj 等。 ASP.NET 不关心的文件 - 例如 .txt - 都可以。

我尝试编辑全局 web.config 以删除这些文件的禁止处理程序映射,但似乎没有什么区别。有什么办法可以让IIS7中的URL重写模块工作,同时允许呈现所有文件扩展名?

原文

I am using IIS7 and the Application Request Routing extension to act as a reverse proxy to Subversion running on Apache.

The proxy works fine and I am able to explore the server, and even perform a "check out". However, I cannot browse to files that would normally be forbidden by ASP.NET - for example, .cs, .csproj, and so on. Files ASP.NET wouldn't be concerned with - such as .txt - are fine.

I tried to edit the global web.config to remove the Forbidden handler mapping for these files, but it did not seem to make a difference. Is there any way to allow the URL rewriting module in IIS7 to work, while allowing all file extensions to be rendered?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

浊酒尽余欢 2024-08-12 10:35:06

IIS7 有一个 applicationHost.config 文件,其中包含安全部分限制文件扩展名:

<requestFiltering>
  <fileExtensions allowUnlisted="true" applyToWebDAV="true">
    <add fileExtension=".cs" allowed="false" />
    <add fileExtension=".csproj" allowed="false" />
    <add fileExtension=".vb" allowed="false" />
    <add fileExtension=".vbproj" allowed="false" />
    ....
  </fileExtensions>

更多信息:

http:// learn.iis.net/page.aspx/143/how-to-use-request-filtering/

我在网站的 web.config 中添加了类似的部分,并使用了 < /code> 节点删除所有扩展。现在我可以提供 .cs、.csproj 文件和其他文件,但我还无法提供 .config 文件。

编辑:删除hiddenSection节点也纠正了web.config文件的这个问题。这是我本地的 web.config 文件:

<system.webServer>
  <security>
    <requestFiltering>
      <fileExtensions allowUnlisted="true" applyToWebDAV="true">
        <clear />
      </fileExtensions>
      <verbs allowUnlisted="true" applyToWebDAV="true" />
      <hiddenSegments applyToWebDAV="true">
        <clear />
      </hiddenSegments>
    </requestFiltering>
  </security>
</system.webServer>

IIS7 has an applicationHost.config file which has a security section that limits file extensions:

<requestFiltering>
  <fileExtensions allowUnlisted="true" applyToWebDAV="true">
    <add fileExtension=".cs" allowed="false" />
    <add fileExtension=".csproj" allowed="false" />
    <add fileExtension=".vb" allowed="false" />
    <add fileExtension=".vbproj" allowed="false" />
    ....
  </fileExtensions>

More information:

http://learn.iis.net/page.aspx/143/how-to-use-request-filtering/

I added a similar section to my site's web.config and used a <clear /> node to remove all extensions. Now I can serve .cs, .csproj files and others, but I cannot serve .config files yet.

Edit: Removing the hiddenSection nodes corrected this for web.config files too. Here is my local web.config file:

<system.webServer>
  <security>
    <requestFiltering>
      <fileExtensions allowUnlisted="true" applyToWebDAV="true">
        <clear />
      </fileExtensions>
      <verbs allowUnlisted="true" applyToWebDAV="true" />
      <hiddenSegments applyToWebDAV="true">
        <clear />
      </hiddenSegments>
    </requestFiltering>
  </security>
</system.webServer>
回复 原文
酒废 2024-08-12 10:35:06

我让它与我的 web.config 一起工作,如下所示:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{CACHE_URL}" pattern="^(https?)://" />
                    </conditions>
                    <action type="Rewrite" url="{C:1}://localhost:8080/{R:1}" />
                </rule>
            </rules>
            <outboundRules>
                <rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
                    <match filterByTags="A, Form, Img" pattern="^http(s)?://localhost:8080/(.*)" />
                    <action type="Rewrite" value="http{R:1}://svn.mysite.com/{R:2}" />
                </rule>
                <preConditions>
                    <preCondition name="ResponseIsHtml1">
                        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
                        <add input="{RESPONSE_CONTENT_ENCODING}" pattern="[^(gzip)]" />
                    </preCondition>
                </preConditions>
            </outboundRules>
        </rewrite>
        <security>
        <requestFiltering>
          <fileExtensions allowUnlisted="true" applyToWebDAV="true">
            <clear />
          </fileExtensions>
          <verbs allowUnlisted="true" applyToWebDAV="true" />
          <hiddenSegments applyToWebDAV="true">
            <clear />
          </hiddenSegments>
        </requestFiltering>
      </security>
    </system.webServer>
</configuration>

I got it working with my web.config looking like so:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{CACHE_URL}" pattern="^(https?)://" />
                    </conditions>
                    <action type="Rewrite" url="{C:1}://localhost:8080/{R:1}" />
                </rule>
            </rules>
            <outboundRules>
                <rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
                    <match filterByTags="A, Form, Img" pattern="^http(s)?://localhost:8080/(.*)" />
                    <action type="Rewrite" value="http{R:1}://svn.mysite.com/{R:2}" />
                </rule>
                <preConditions>
                    <preCondition name="ResponseIsHtml1">
                        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
                        <add input="{RESPONSE_CONTENT_ENCODING}" pattern="[^(gzip)]" />
                    </preCondition>
                </preConditions>
            </outboundRules>
        </rewrite>
        <security>
        <requestFiltering>
          <fileExtensions allowUnlisted="true" applyToWebDAV="true">
            <clear />
          </fileExtensions>
          <verbs allowUnlisted="true" applyToWebDAV="true" />
          <hiddenSegments applyToWebDAV="true">
            <clear />
          </hiddenSegments>
        </requestFiltering>
      </security>
    </system.webServer>
</configuration>
回复 原文
凉墨 2024-08-12 10:35:06

除了 Paul Stovell 的回答之外,我还建议激活双重转义。我在检索文件名中包含“+”字符的文件时遇到错误。双重转义消除了这个问题:

    <configuration>
        <system.webServer>
            <rewrite>
                <rules>
                    <rule name="SVNIn" stopProcessing="false">
                        <match url="(.*)" />
                        <action type="Rewrite" url="http://localhost:8082/svn/{R:1}" />
                    </rule>
                </rules>
            </rewrite>
            <security>
                <requestFiltering allowDoubleEscaping="true">
                    <fileExtensions allowUnlisted="true" applyToWebDAV="true">
                        <clear />
                    </fileExtensions>
                    <verbs allowUnlisted="true" applyToWebDAV="true" />
                    <hiddenSegments applyToWebDAV="true">
                        <clear />
                    </hiddenSegments>
                </requestFiltering>
            </security>
        </system.webServer>
    </configuration>

In addition to Paul Stovell answer, I would recommend activating double escaping. I encountered errors when retrieving files continaing a "+" character in the file name. Double escaping eliminates this problem :

    <configuration>
        <system.webServer>
            <rewrite>
                <rules>
                    <rule name="SVNIn" stopProcessing="false">
                        <match url="(.*)" />
                        <action type="Rewrite" url="http://localhost:8082/svn/{R:1}" />
                    </rule>
                </rules>
            </rewrite>
            <security>
                <requestFiltering allowDoubleEscaping="true">
                    <fileExtensions allowUnlisted="true" applyToWebDAV="true">
                        <clear />
                    </fileExtensions>
                    <verbs allowUnlisted="true" applyToWebDAV="true" />
                    <hiddenSegments applyToWebDAV="true">
                        <clear />
                    </hiddenSegments>
                </requestFiltering>
            </security>
        </system.webServer>
    </configuration>
回复 原文
眼眸印温柔 2024-08-12 10:35:06
<system.webServer>

    <security>

        <requestFiltering>

            <requestLimits maxAllowedContentLength="30000000" maxUrl="4096" maxQueryString="131072" />

        </requestFiltering>

    </security>

</system.webServer>

<system.webServer>

    <security>

        <requestFiltering>

            <requestLimits maxAllowedContentLength="30000000" maxUrl="4096" maxQueryString="131072" />

        </requestFiltering>

    </security>

</system.webServer>
回复 原文
~没有更多了~

关于作者

一页

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

留蓝

文章 0 评论 0

18790681156

文章 0 评论 0

zach7772

文章 0 评论 0

Wini

文章 0 评论 0

ayeshaaroy

文章 0 评论 0

初雪

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文