IIS Url Rewrite not working for certain extensions and characters

1
votes

I am using IIS 7.5 with the Url Rewrite module. Here is my rule.

<rule name="stash.domain.com" stopProcessing="true">
    <match url="(.*)" />
    <action type="Rewrite" url="http://192.168.5.9:8080/{R:1}" logRewrittenUrl="true" />
    <conditions>
        <add input="{HTTP_HOST}" pattern="^stash.domain.com$" />
    </conditions>
</rule>

Everything works as expected, except if the url contains and extension of ".cs", or if a "+" sign is in the url anywhere.

For example, these don't work

http://stash.domain.com/projects/MDX/repos/medxchange.library/browse/Src/MedXChange.Api/CoreServiceUrls.cs
http://stash.domain.com/projects/MDX/repos/medxchange.library/browse/Src/MedXChange.Api/CoreService+Urls

I get the following response from IIS with those urls.

404 - File or directory not found.

But, these will work, however, the proxy server will return a nice "file not found", which tells me the rule is processed and forwarding requests correctly.

http://stash.domain.com/projects/MDX/repos/medxchange.library/browse/Src/MedXChange.Api/CoreServiceUrls

I suspect the IIS has some top level filtering to either prevent certain file extensions from being served, or attempt to serve them nativelly within IIS, bypassing the rewrite rules. Also, I imagine there are more characters, aside from "+", that cause the rewrite rules to be ignored.

1
url-rewritingiis-7.5

1 Answers

1
votes

I had this problem too. It turns out the IIS is trying to be helpful and prevent remote users from downloading source code, which was exactly what I was trying to allow!

The fix was to go into Request Filtering and remove all the troublesome entries, although I skipped that and just put this in the web.config:

<system.webServer>
  <security>
    <requestFiltering>
      <fileExtensions>
        <clear />
      </fileExtensions>
    </requestFiltering>
  </security>
</system.webServer>