I've created an HTTPS server using IIS Manager (Windows 10). Now, I want this server to support CORS requests.
I've read some information. For example,
this link says that I have to create a file web.config in the directory. Unfortunately, it didn't work out.
This link says that I should edit some config files, but I don't find them on my machine.
I had a similar issue recently. Most tutorial/documentation only suggests adding custom headers in the configuration. But this does not tell IIS to handle the CORS Pre-flight request by itself.
To do so, you must install the CORS Module in IIS and add some configuration in the web.config file, as explained here: IIS CORS module Configuration Reference
I recently used this to Reverse Proxy to a REST API and handling the CORS only in IIS so that I don't have to rebuild my project to change CORS settings.
Try to add this into :
<system.webServer>
<modules>
<remove name="WebDAVModule" />
</modules>
</system.webServer>
Related
I have a nodejs backend, site served through iis7 via reverse proxy as per this website: https://alex.domenici.net/archive/deploying-a-node-js-application-on-windows-iis-using-a-reverse-proxy. In the node app i have a middleware layer to all get requests to cache content, like so
res.set('Cache-control', public, max-age=${period})
When running on my local machine i'm checking the headers via google developer tools and it does look like caching is working properly. When I move it to production, i can't seem get it to work. On IIS i've configured the HTTP Response Headers to expire after 10 days. My web.config looks like so (again per the link above)
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
<staticContent>
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="10.00:00:00"/>
</staticContent>
</system.webServer> </configuration>
Tried various things without success. The only possible lead i have at this point is from this thread
https://social.msdn.microsoft.com/Forums/vstudio/en-US/981bf691-ed6e-460a-9e99-af24fc8bfc0e/nodejsweb-apps-output-cache-not-working-for-node-web-app?forum=opensourcedevwithazure
but i have no idea how to make the suggested change in the web.config file. A couple of notes, im currently just running my node app in the command prompt like so: node app.js, not as node bin/www as suggested in the link (having some odd issues). Also, the site is still very much in development so on ssl. Read that chrome might have some issues with it, but the problem is present in all browser tested (chrome, firefox, etc...)
I follow something similar to these steps to add CORs to IIS 10 and after about 10 minutes, the response header is removed and CORs stops working.
Open Internet Information Service (IIS) Manager.
Right click the site you want to enable CORS for and go to Properties.
Change to the HTTP Headers tab.
In the Custom HTTP headers section, click Add.
Enter Access-Control-Allow-Origin as the header name.
Enter * as the header value.
Click Ok twice.
Then I go back to Visual Studio and publish my project. Why are my CORs response headers being removed and how do I make them stay?
Thanks to a strong hint from S. Walker, I went onto the server, modified the response header as desired and then looked at the web.config file.
It had added:
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
</system.webServer>
So I copied that into my project web.config file and published. Now it doesn't disappear and CORs continues to work. Seems obvious now.
I want to add re-write rules to my Azure app service, but if I even try create a web.config with a simple rewrite as shown below, the site returns an HTTP 500.
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Test" stopProcessing="true">
<match url="test" />
<action type="Rewrite" url="/index.html" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
What I did is create the web.config from scratch and FTP it into the wwwroot folder for the app service which is where I Ftp'd the rest of my web site files.
I have seen an old conversation about web.config files in Azure, but I'm not even sure if this is in regards to Azure app service - and things change so quickly in Azure that I thought I should ask separately anyways.
I have also seen this link about using web.config transforms. Maybe this is required?
This other link seems to indicate that updating web.config is possible, but their example results in an HTTP 500 for me as well.
I've looked through configuration options in the Azure portal for my app service and nothing seems to jump out at me.
>>”This other link seems to indicate that updating web.config is possible”
Yes, we could update the configuration of Web App by updating Web.config file directly. You could upload a new version of configuration file to wwwroot folder by FTP/WebDeply or any other ways provided by Kudu. Another easy way to edit files in wwwroot folder is using the App Service Editor, you could use it to edit the configuration file.
I can’t reproduce your problem on my side. Following are what I done.
Create a Web App using a Web App Plan with “Shared” SKU.
Create 2 file, a index.html file and a Web.config file. The content in Web.config is same as yours.
Upload these files to wwwroot folder of my web app using FTP.
Open a web browser and input a URL like this “http: // xxx.azurewebsites.net/test”. The web server will return the content of index.html. It proves that the rewrite is working fine.
>>”but their example results in an HTTP 500 for me as well.”
Firstly, please mark sure whether the rewrite is working fine or not. I suggest you view the index.html page directly and check whether the error code(500) comes from index.html page.
Sometimes we provide the wrong syntax for rewrite rule, it will return 500 (URL Rewrite Module Error). Have you enabled Detailed Error Logging and Web Server Logging for your web app. If yes, you could view the detail error message to get more useful information. For how to enable and view diagnostics logging, link below is for your reference.
Enable diagnostics logging for web apps in Azure App Service
I'm using IIS 7 and I've got a site setup with an additional HTTP response header (X-UA-Compatible header).
I'm deploying an MVC4 project remotely to IIS using the Publish feature in Visual Studio 2010, which uses Web Deploy.
Problem is, every time I publish the site, the HTTP response header gets removed from the config in IIS - is there some way I can prevent this?
I figured it out - when you set headers at the site level in IIS 7, it alters the web.config file. I needed to add a customHeaders element in the web.config file that is deployed:
<system.webServer>
...
<httpProtocol>
<customHeaders>
<add name="X-UA-Compatible" value="IE=edge" />
</customHeaders>
</httpProtocol>
...
</system.webServer>
I have a php Facebook application which I have uploaded in a Microsoft server. When I run the application i get this error. Does anybody know the cause of this ?
405 - HTTP verb used to access this page is not allowed. The page you
are looking for cannot be displayed because an invalid method (HTTP
verb) was used to attempt access.
Even if you are using IIS or apache, in my guess you are using static html page as a landing page, and by default the web server doesn't allow POST or GET verb on .html page, facebook calls your page via POST/GET verb
the solution would be to rename the page into .php or .aspx
and you should be good to go :)
In the Facebook app control panel make sure you have a forward slash on the end of any specified URL if you are only specifying a folder name
i.e.
Page Tab URL: http://mypagetabserver.com/custom_tab/
you can add these lines to the web.config:
<system.webServer>
<modules>
<remove name="WebDAVModule" />
</modules>
<handlers>
<remove name="WebDAV" />
</handlers>
</system.webServer>
It means litraly that, your trying to use the wrong http verb when accessing some http content. A lot of content on webservices you need to use a POST to consume. I suspect your trying to access the facebook API using the wrong http verb.
I fixed mine by adding these lines on my IIS webconfig.
<httpErrors>
<remove statusCode="405" subStatusCode="-1" />
<error statusCode="405" prefixLanguageFilePath="" path="/my-page.htm" responseMode="ExecuteURL" />
</httpErrors>
I've been pulling my hair out over this one for a couple of hours also. fakeartist appears correct though - I changed the file extension from .htm to .php and I can now see my page in Facebook! It also works if you change the extension to .aspx - perhaps it just needs to be a server side extension (I've not tried with .jsp).
Try renaming the default file. In my case, a recent move to IIS7.5 gave the 405 error. I changed index.aspx to default.aspx and it worked immediately for me.
In my case, IIS was fine but.. uh.. all the files in the folder except web.config had been deleted (a manual deployment half-done on a test site).
I got this error when I was using jquery and lib was not present in the given path, once jquery lib is added back error was gone.
[File name - calculate.html]
I had this err on the host too (my project was .net core2.1 webapi )
please add this code in web config in host :
<modules>
<remove name="WebDAVModule" />
</modules>