How to set origin value or referer value in a response-header using tuckey url rewrite filter xml file.
Accessing %{origin} directly in the set tag is not working but not working in condition tag.
Below is the example I tried.
<rule enabled="true" last="false" match-type="regex">
<name>Enabling CORS Headers</name>
<from>^/path/someMorePath.*$</from>
<condition name="origin" operator="equal">http://www.testsite.com</condition> <!-- would like to write some regex to match a set of sites and if matched, then set the same origin as response -->
<set type="response-header" name="Access-Control-Allow-Origin">%{origin}</set>
<set type="response-header" name="Access-Control-Allow-Credentials">true</set>
</rule>
After having an complete understanding on the urlrewritefilter of tuckey api, the solution is to have a regular expression.
<rule enabled="true" match-type="regex">
<name>Enabling CORS Headers</name>
<from>^/path/someMorePath.*$</from>
<condition name="origin" operator="equal">([a-z.\/\/0-9]+)</condition>
<set type="response-header" name="Access-Control-Allow-Origin">%1</set>
<set type="response-header" name="Access-Control-Allow-Credentials">true</set>
</rule>
So, here using the regular expression in the condition tag and then using the back references in the regular expression as the variables in the response header
Related
We have an application that is run in a virtual folder in IIS. We don't want the virtual folder name to be part our links though (primarily to preserve original link names for SEO reasons).
So here is one example of a rewrite rule we're using:
<rule name="Rewrite Account controller to UI">
<match url="/Account(.*)"/>
<action type="Rewrite" url="ui/Account{R:1}"/>
<conditions>
<add input="{URL}" pattern="\.axd$" negate="true" ignoreCase="true"/>
</conditions>
</rule>
The problem with this rule is that it would also match "~/someothercontroller/258642/Accounting-Essentials" and turn it into "/ui/Accounting-Essentials". And I don't want to include the host because the host is different in each environment.
What would this need to look like to match only if the expression is the first thing after the host?
Edit:
Sorry, I guess my post wasn't as clear as I thought it was. An example would be http://x/Account. This should rewrite to http://x/ui/Account. The x could be any host name with any number of periods but it's only the host name so it wouldn't contain any slashes.
You can see in the rule I have above that I want it to include anything that comes after Account however I realize that's not quite right either because it shouldn't match "http://x/Accounting", but it should match "http://x/Account/whatever".
So essentially, you want to make sure that Account comes right after the host, and also that Account is the full name of the directory. You can achieve this like so:
<rule name="Rewrite Account controller to UI">
<match url="^Account(/.*)?"/>
<action type="Rewrite" url="ui/Account{R:1}"/>
<conditions>
<add input="{URL}" pattern="\.axd$" negate="true" ignoreCase="true"/>
</conditions>
</rule>
The ^ ensures that this is the beginning of the string that you are evaluating.
The / after Account ensures that you only rewrite the url if "Account" is the full name of the directory.
It appears from the documentation that the inital / will not be included in the string you're evaluating (which is why I removed it), but you can test it both ways to be sure.
Also note that I added a / before {R:1}.
Edit: Another way
You could also add a rule that verifies that the whole URL matches a certain pattern. This might actually be an easier way:
<rule name="Rewrite Account controller to UI">
<match url="/Account(.*)"/>
<action type="Rewrite" url="ui/Account{R:1}"/>
<conditions>
<add input="{URL}" pattern="\.axd$" negate="true" ignoreCase="true"/>
<add input="{REQUEST_URI}" pattern="^/Account(/.*)?" ignoreCase="true"/>
</conditions>
</rule>
The Microsoft docs give this example of the server variable values:
For example, if a request was made for this URL:
http://www.example.com/content/default.aspx?tabid=2&subtabid=3, and a rewrite rule was defined on the site level then:
The rule pattern gets the URL string content/default.aspx as an input.
The QUERY_STRING server variable contains tabid=2&subtabid=3.
The HTTP_HOST server variable contains www.example.com.
The SERVER_PORT server variable contains 80.
The SERVER_PORT_SECURE server variable contains 0 and HTTPS contains OFF.
The REQUEST_URI server variable contains /content/default.aspx?tabid=2&subtabid=3.
The PATH_INFO server variable contains /content/default.aspx.
we have a IIS reverse proxy response rule, which modifies Location HTTP header.. I am trying to decode the logic and planning to write same logic in xslt, can someone explain below logic. how match pattern works and action rewrite and value works and what is R:1, R:2 , R:3 here ?
<rule name="Change Location Header" enabled="true">
<match serverVariable="RESPONSE_LOCATION" pattern="^http(s)?://([^/]+)/(.*)" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="true">
<add input="{RESPONSE_STATUS}" pattern="^301" />
<add input="{RESPONSE_STATUS}" pattern="^302" />
</conditions>
<action type="Rewrite" value="http{R:1}://{R:2}/{R:3}" />
</rule>
Your rule is changing the domain in the HTTP location header for redirect responses
How is working match condition and what is R:1,R:2,R:3
RESPONSE_LOCATION variable has full lik url. For example:
https://demo.cloudimg.io/s/width/300/sample.li/boat.jpg
In this case, after match operation with regexp: ^http(s)?://([^/]+)/(.*)
Mathces will be like that:
{R:0} https://demo.cloudimg.io/s/width/300/sample.li/boat.jpg
{R:1} s
{R:2} demo.cloudimg.io
{R:3} s/width/300/sample.li/boat.jpg
I am using tuckey to rewrite URLs:
<rule>
<from>^/?([a-z-/]+)$</from>
<to>/$1.xhtml</to>
</rule>]
However..I have a webservice servlet hosted at:
/ws/service
How do I exclude that from Tuckey rewriting? With the existing rule this will forward the request to /ws/service.xhtml which doesn't exist.
Add the following rule:
<rule>
<from>^/ws/.*$</from>
<to last="true">-</to>
</rule>
Our application depends on the client IP address for various features. We've updated our infrastructure and changed how we load balance our application. Because of the change, the CGI.REMOTE_ADDR being reported to the application is that static load balancer IP not the client IP. To fix this, the LB support said to add a rule to both the LB and IIS. The LB is now configured to send a header [http_x_forwarded_for] with the client ip.
The rewrite rule in IIS looks like this:
<rule name="REMOTE_ADDR rewrite" enabled="true" patternSyntax="ECMAScript">
<match url="^((?!GetImage).)*$" />
<serverVariables>
<set name="REMOTE_ADDR" value="{HTTP_X_FORWARDED_FOR}" />
</serverVariables>
<action type="Rewrite" url="{R:0}" appendQueryString="true" logRewrittenUrl="false" />
</rule>
<rule name="REMOTE_ADDR blank URL rewrite" enabled="true">
<match url="^$" />
<serverVariables>
<set name="REMOTE_ADDR" value="{HTTP_X_FORWARDED_FOR}" />
</serverVariables>
<action type="Rewrite" url="default.cfm" />
</rule>
The first rule is for any pages requested excluding the GetImage page. The second is for no page.
For the most part this works correctly. We haven't had to make any adjustments to the application because the CGI.REMOTE_ADDR is correct.
But we were told that in some circumstances the LB may pass multiple IP addresses and to use only the first one in the list. This is causing a problem.
In some cases CGI.REMOTE_ADDR is coming through like this '100.200.200.200, 123,123,123,123'.
Testing the RegEx in IIS with that string shows group {R:0} is 100.200.200.200, 123,123,123,123.
The question is is it possible to write the rule so that {R:0} is the first matched IP address in the list?
Realized after I posted this I was attacking it (or asking..) the wrong way.
The URL Rule regex is to match the URL to apply the rule. All requested URLS that match will map the http_x_forwarded_for header value into the REMOTE_ADDR server variable. The value of this variable which could be invalid what the problem.
To fix this, a new OUTBOUND rule needed to be added. In this rule you can specify the REMOTE_ADDR as the INPUT and matching against a regex to rewrite it. By adding the rule, a regex to match the first IP addr found in the variable, and then rewrite the variable with the back trace I was able to solve the problem.
<outboundRules>
<rule name="Format IP Address">
<match serverVariable="REMOTE_ADDR" pattern="^([0-9]{0,3}\.[0-9]{0,3}\.[0-9]{0,3}\.[0-9]{0,3})(.)*$" />
<action type="Rewrite" value="{R;1}" />
</rule>
</outboundRules>
I am trying to use UrlRewriteFilter to do a redirect. As we are moving servers and infrastructure all the time to develop our in house cloud solutions we plan to use a lot of this.
My problem is I have a URL like
https:// google.com/web-app/servlet?request-parameters&values
I need to redirect all the URLs which has a value for a particular parameter to a different server.
so a URL like :
https:// google.com/administrator/servlet/ej.processOrder?sec=100&geo=appointment&cus=dubai
If the parameters contain cus=dubai, I need to redirect it to
https://hotmail.com/servlet/ej.processOrder?sec=100&geo=appointment&cus=dubai
I have tried the following but it doesn't seem to work
<urlrewrite use-query-string="true">
<rule match-type="wildcard">
<name>Redirect requests to cases</name>
<description></description>
<from>/administrator/servlet/**?**</from>
<to type="redirect" last="true">http://hotmail.com:8080/servlet/$1?&cus=dubai&$2&$3&</to>
</rule>
</urlrewrite>
Thanks for the help.
You will need to make use of the query-string and make sure it matches a particular condition.
From what I can see you would want something like this :
<condition name="query-string" operator="equal">*cus=dubai*</condition>
You will need a rule for each different parameter. One full rule would look like this :
<urlrewrite use-query-string="true">
<rule match-type="wildcard">
<name>Cus = dubai</name>
<from>/administrator/servlet/*</from>
<condition name="query-string" operator="equal">*cus=dubai*</condition>
<to type="redirect" last="true">https://hotmail.com/servlet/ej.processOrder?sec=100&geo=appointment&cus=dubai</to>
</rule>
<!-- other rules go here -->
</urlrewrite>
The condition shall be "type" instead of "name", as:
<condition type="query-string" operator="equal">*cus=dubai*</condition>
Good question and for a situation that I imagine occurs often it is not very well documented in the manual in my opinion.
The following worked for me -
<rule>
<condition type="query-string">foo=123&bar=456</condition>
<from>/index.jsp</from>
<to type="permanent-redirect" last="true">https://somehwere-else.com/blah/blah/</to>
</rule>
So this should work for you -
<rule>
<name>Redirect requests to cases</name>
<condition type="query-string">sec=100&geo=appointment&cus=dubai</condition>
<from>/administrator/servlet</from>
<to type="permanent-redirect" last="true">http://hotmail.com:8080/servlet/sec=100&geo=appointment&cus=dubai</to>
</rule>