appcmd.exe to List IIS配置部分属性正在返回错误消息:未知属性
在高架提示中运行此命令:
%systemroot%\system32\inetsrv\appcmd list config "website" /section:requestFiltering /text:AllowDoubleEscaping
返回错误消息:错误(消息:未知属性““ allowDoubleScaping”“”。替换为 - ?寻求帮助。
我
%systemroot%\system32\inetsrv\appcmd set config -section:requestFiltering -?
它 ,我可以看到缺少允许doubleScaping
ERROR ( message:-allowHighBitCharacters
-unescapeQueryString
-removeServerHeader
-fileExtensions.allowUnlisted
-fileExtensions.applyToWebDAV
-fileExtensions.[fileExtension='string'].fileExtension
-fileExtensions.[fileExtension='string'].allowed
-requestLimits.maxAllowedContentLength
-requestLimits.maxUrl
-requestLimits.maxQueryString
-requestLimits.headerLimits.[header='string'].header
-requestLimits.headerLimits.[header='string'].sizeLimit
-verbs.allowUnlisted
-verbs.applyToWebDAV
-verbs.[verb='string'].verb
-verbs.[verb='string'].allowed
-hiddenSegments.applyToWebDAV
-hiddenSegments.[segment='string'].segment
-alwaysAllowedUrls.[url='string'].url
-alwaysAllowedQueryStrings.[queryString='string'].queryString
-denyUrlSequences.[sequence='string'].sequence
-denyQueryStringSequences.[sequence='string'].sequence
-filteringRules.[name='string'].name
-filteringRules.[name='string'].scanUrl
-filteringRules.[name='string'].scanQueryString
-filteringRules.[name='string'].scanAllRaw
-filteringRules.[name='string'].denyUnescapedPercent
-filteringRules.[name='string'].scanHeaders.[requestHeader='string'].requestHeader
-filteringRules.[name='string'].appliesTo.[fileExtension='string'].fileExtension
-filteringRules.[name='string'].denyStrings.[string='string'].string
,因此AppCMD实际检查哪些文件?我继续检查C:\ Windows \ System32 \ inetsrv \ config \ schema \ iis_schema.xml文件,它确实在其中定义了此属性。这似乎是定义的唯一位置,所以我很困惑它在其他地方找不到以抛出错误的属性?
<sectionSchema name="system.webServer/security/requestFiltering">
<attribute name="allowDoubleEscaping" type="bool" defaultValue="false" />
<attribute name="allowHighBitCharacters" type="bool" defaultValue="true" />
<attribute name="unescapeQueryString" type="bool" defaultValue="true" />
I am running this command as admin in elevated prompt:
%systemroot%\system32\inetsrv\appcmd list config "website" /section:requestFiltering /text:AllowDoubleEscaping
It returns error message: ERROR (message:Unknown attribute ""AllowDoubleEscaping"". Replace with -? for help.)
So I next ran the following command:
%systemroot%\system32\inetsrv\appcmd set config -section:requestFiltering -?
It returned this output and yes, I can see that the allowDoubleEscaping is missing
ERROR ( message:-allowHighBitCharacters
-unescapeQueryString
-removeServerHeader
-fileExtensions.allowUnlisted
-fileExtensions.applyToWebDAV
-fileExtensions.[fileExtension='string'].fileExtension
-fileExtensions.[fileExtension='string'].allowed
-requestLimits.maxAllowedContentLength
-requestLimits.maxUrl
-requestLimits.maxQueryString
-requestLimits.headerLimits.[header='string'].header
-requestLimits.headerLimits.[header='string'].sizeLimit
-verbs.allowUnlisted
-verbs.applyToWebDAV
-verbs.[verb='string'].verb
-verbs.[verb='string'].allowed
-hiddenSegments.applyToWebDAV
-hiddenSegments.[segment='string'].segment
-alwaysAllowedUrls.[url='string'].url
-alwaysAllowedQueryStrings.[queryString='string'].queryString
-denyUrlSequences.[sequence='string'].sequence
-denyQueryStringSequences.[sequence='string'].sequence
-filteringRules.[name='string'].name
-filteringRules.[name='string'].scanUrl
-filteringRules.[name='string'].scanQueryString
-filteringRules.[name='string'].scanAllRaw
-filteringRules.[name='string'].denyUnescapedPercent
-filteringRules.[name='string'].scanHeaders.[requestHeader='string'].requestHeader
-filteringRules.[name='string'].appliesTo.[fileExtension='string'].fileExtension
-filteringRules.[name='string'].denyStrings.[string='string'].string
So which files is appcmd actually checking for these? I went ahead and checked the C:\Windows\System32\inetsrv\config\schema\IIS_schema.xml file and it does have this attribute defined in there. This seems to be the only place this is defined, so I am confused where else its not finding this attribute to throw the error??
<sectionSchema name="system.webServer/security/requestFiltering">
<attribute name="allowDoubleEscaping" type="bool" defaultValue="false" />
<attribute name="allowHighBitCharacters" type="bool" defaultValue="true" />
<attribute name="unescapeQueryString" type="bool" defaultValue="true" />
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论