I am trying to access AppSettings Key in the Url Rewrite rules and I am not sure how to access them. Can anyone help me out?
<appSettings>
<add key="APIUrl" value="https://www.x.com/api/{R:1}" />
</appSettings>
<system.webServer>
<rewrite>
<rules>
<rule name="ProxyApi" stopProcessing="true">
<match url="^api/?(.*)" />
<serverVariables>
<set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
<set name="HTTP_X_ORIGINAL_HOST" value="{HTTP_HOST}" />
</serverVariables>
<action type="Rewrite" url="{APIUrl}" />
</rule>
</rules>
</rewrite>
</system.webServer>
Trying to access the APIUrl key in the UrlRewrite Rule
I think that appsettings are unavailable elsewhere in your config files.
I've found two ways to address this issue using msbuild:
Use xmlupdate task from MSBuild Community Tasks Project to update config files. My work was using this already so it was the path that I took. Would look Like:
<XmlUpdate
XPath="//rule[#name='ProxyApi']/action/#url"
XmlFileName="{Your Config File Location}"
Value="https://www.x.com/api/{R:1}" />
Use XslTransformation Task to update your config files. This solution is built in but requires more knowledge of XSL. The Xsl would looke something like:
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
<xsl:output method="xml" indent="yes"/>
<!-- identity transform -->
<xsl:template match="#*|node()">
<xsl:copy>
<xsl:apply-templates select="#*|node()"/>
</xsl:copy>
</xsl:template>
<xsl:template match="//rule[#name='ProxyApi']/action/#url">
<xsl:attribute name="url">
<xsl:value-of select="'https://www.x.com/api/{R:1}'"/>
</xsl:attribute>
</xsl:template>
</xsl:stylesheet>
Related
I'm running this command:
mvn org.codehaus.mojo:xml-maven-plugin:transform "-DAPP=testingapp"
And inside my XSL I'm transforming a graphml to a HTML and I want to display this app name on the top of my HTML.
How do I read this attribute that I'm passing on the command line on my xsl?
Thank you!
Yes. It is possible.
In your pom.xml
<configuration>
<transformationSets>
<transformationSet>
<parameters>
<parameter>
<name>APP</name>
<value>${APP}</value>
</parameter>
</parameters>
</transformationSet>
</transformationSets>
</configuration>
In your xsl file
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
<xsl:output method="xml" indent="yes" />
<xsl:param name="APP" />
<xsl:value-of select="$APP"/>
</xsl:stylesheet>
You will need to declare in pom.xml and repeat in your xsl file. This is the trick.
Note: This also work for xslt-2.0
I was dealing with CORS issue a couple days ago where I need to support multiple origins. I did some research and found a couple posts pointing me to this great tool (URL Rewrite). I got the solution I wanted following Paco Zarate tip here: Access-control-allow-origin with multiple domains using URL Rewrite. I also found another post here: http://www.carlosag.net/articles/enable-cors-access-control-allow-origin.cshtml showing me how to achieve the same solution with a different method of configuration within URL Rewrite.
Paco Zarate solution works like a charm. Why am I still asking question? It's just for learning purposes. And also I think the second post configuration yields a more elegant list of origins/domains I want to white-listed. For ease of maintainability I can just go to the Rewrite Maps and see all of my AllowedOrigins.
When attempted the second post's solution, I got this message: ERR_CONNECTION_RESET under Console tab of the browser debugger tool. And the request header under Network tab says "Provisional headers are shown"
Many thanks in advance.
My config file:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpErrors errorMode="Detailed" />
<urlCompression doStaticCompression="true" doDynamicCompression="true" />
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Headers" value="Origin, Content-Type, Accept" />
<add name="Access-Control-Request-Method" value="POST" />
<add name="Access-Control-Allow-Credentials" value="true" />
<add name="Access-Control-Allow-Origin" value="http://localhost:8080" />
</customHeaders>
</httpProtocol>
<rewrite>
<rules>
<rule name="Capture Origin Header">
<match url=".*" />
<conditions>
<add input="{HTTP_ORIGIN}" pattern=".+" />
</conditions>
<serverVariables>
<set name="CAPTURED_ORIGIN" value="{C:0}" />
</serverVariables>
<action type="None" />
</rule>
<rule name="Preflight Options" enabled="false" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{REQUEST_METHOD}" pattern="^OPTIONS$" />
</conditions>
<action type="CustomResponse" statusCode="200" statusReason="Preflight" statusDescription="Preflight" />
</rule>
</rules>
<rewriteMaps>
<rewriteMap name="AllowedOrigins">
<add key="http://somedomain:8080" value="http://localhost:8080" />
</rewriteMap>
</rewriteMaps>
<outboundRules>
<rule name="Set-Access-Control-Allow-Origin for known origins">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern=".+" negate="true" />
<conditions>
<add input="{AllowedOrigins:{CAPTURED_ORIGIN}}" pattern=".+" />
</conditions>
<action type="Rewrite" value="{C:0}" />
</rule>
</outboundRules>
</rewrite>
<tracing>
<traceFailedRequests>
<add path="*">
<traceAreas>
<add provider="WWW Server" areas="Rewrite" verbosity="Verbose" />
</traceAreas>
<failureDefinitions timeTaken="00:00:00" statusCodes="500" verbosity="Error" />
</add>
</traceFailedRequests>
</tracing>
</system.webServer>
I had a lot of issues trying to use URL Rewrite module to enable CORS, after a lot of troubleshooting I found that for IIS 7.5+ you can use IIS CORS Module: https://www.iis.net/downloads/microsoft/iis-cors-module
Your web.config should be something like this:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<cors enabled="true" failUnlistedOrigins="true">
<add origin="http://localhost:8080" allowCredentials="true">
<allowMethods>
<add method="POST" />
</allowMethods>
</add>
</cors>
</system.webServer>
</configuration>
You can find the configuration reference in here: https://learn.microsoft.com/en-us/iis/extensions/cors-module/cors-module-configuration-reference
I have a solution with multiple projects, the transforms work in other projects but not this one. What could be the reason?
The project is an MVC 4 application
The configuration manager for the solution shows that when the solution configuration is LIVE then it should use the LIVE configuration for the project.
There is a Web.config, Web.Live.config, Web.Stage.config
In the Web.Live.config I have this code:
<?xml version="1.0" encoding="utf-8"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<system.web>
<compilation debug="false" xdt:Transform="SetAttributes"></compilation>
</system.web>
<system.webServer>
<rewrite>
<rules>
<clear />
<rule name="Redirect to https" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
I publish it to my web server, ensuring the configuration is set to Live.
The web config on the server does not contain the transformations.
Any ideas?
I've solved this, it seems in this situation I had to add xdt:Transform="Insert" to the <rewrite> tag.
I don't know why I need that considering the default template for a transformed config file contains markup that inserts code without such an attribute that works ok...
I have a file (called 'log.html') on my iis7.5 server that I would like my PHP installation to be able to access and write to, but I do not want anybody to access the file directly, for example typing in 'http://computername/log.html' (I am on a LAN).
How can I prevent users from accessing it but allow php to see it?
When using the web.config file suggested below, I get this error:
You can use IIS URL Rewrite and create a Request Blocking Rule to prevent access over HTTP:
For example:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="BlockLogFile"
patternSyntax="Wildcard"
stopProcessing="true">
<match url="*" />
<conditions>
<add input="{URL}" pattern="/log.html" />
</conditions>
<action type="CustomResponse"
statusCode="403"
statusReason="Forbidden: Access is denied."
statusDescription="This is sekret!" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
I think that I may have answered my own question! I still need to test it a bit more, and perhaps if it does not work completely then someone could correct me:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="cache-control" value="no-store, no-cache, must-revalidate, max-age=0" />
</customHeaders>
</httpProtocol>
<staticContent>
<clientCache cacheControlMode="DisableCache" />
</staticContent>
<security>
<requestFiltering>
<denyUrlSequences>
<add sequence="log.html" />
</denyUrlSequences>
</requestFiltering>
</security>
</system.webServer>
</configuration>
The cache control bit prevents the browser from caching anything that it returned.
Hope this helps somebody else! I am still very new to this, so you might be able to get around this.
I am trying to use [RequireHttps] in Rackspace Cloud Site, but I am just getting a redirect loop message when I hit any actions that use the attribute. I have talk to support, but they are not much help. Has anyone got [RequireHttps] working in a MVC 3 site on rackspace cloud sites?
I was having this same problem. I finally found a knowledge base article on Rackspace's site.
http://www.rackspace.com/knowledge_center/article/how-do-i-force-ssl-on-my-aspnet-site-on-cloud-sites
The web.config option worked just fine, just be sure to remove the [RequireHttps] attribute from your code (it isn't needed).
I have copied it below for simplicity.
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to HTTPS" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{HTTP_CLUSTER_HTTPS}" pattern="^on$" negate="true" />
<add input="{HTTP_CLUSTER_HTTPS}" pattern=".+" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{SCRIPT_NAME}" redirectType="SeeOther" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>