IIS7 and ARR as reverse proxy for Subversion
Solution 1:
IIS7 has an applicationHost.config file which has a security section that limits file extensions:
<requestFiltering>
<fileExtensions allowUnlisted="true" applyToWebDAV="true">
<add fileExtension=".cs" allowed="false" />
<add fileExtension=".csproj" allowed="false" />
<add fileExtension=".vb" allowed="false" />
<add fileExtension=".vbproj" allowed="false" />
....
</fileExtensions>
More information:
http://learn.iis.net/page.aspx/143/how-to-use-request-filtering/
I added a similar section to my site's web.config and used a <clear />
node to remove all extensions. Now I can serve .cs, .csproj files and others, but I cannot serve .config files yet.
Edit: Removing the hiddenSection nodes corrected this for web.config files too. Here is my local web.config file:
<system.webServer>
<security>
<requestFiltering>
<fileExtensions allowUnlisted="true" applyToWebDAV="true">
<clear />
</fileExtensions>
<verbs allowUnlisted="true" applyToWebDAV="true" />
<hiddenSegments applyToWebDAV="true">
<clear />
</hiddenSegments>
</requestFiltering>
</security>
</system.webServer>
Solution 2:
I got it working with my web.config looking like so:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{CACHE_URL}" pattern="^(https?)://" />
</conditions>
<action type="Rewrite" url="{C:1}://localhost:8080/{R:1}" />
</rule>
</rules>
<outboundRules>
<rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
<match filterByTags="A, Form, Img" pattern="^http(s)?://localhost:8080/(.*)" />
<action type="Rewrite" value="http{R:1}://svn.mysite.com/{R:2}" />
</rule>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
<add input="{RESPONSE_CONTENT_ENCODING}" pattern="[^(gzip)]" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
<security>
<requestFiltering>
<fileExtensions allowUnlisted="true" applyToWebDAV="true">
<clear />
</fileExtensions>
<verbs allowUnlisted="true" applyToWebDAV="true" />
<hiddenSegments applyToWebDAV="true">
<clear />
</hiddenSegments>
</requestFiltering>
</security>
</system.webServer>
</configuration>