tags:

views:

368

answers:

2
+1  Q: 

IIS7 and ARR as reverse proxy for Subversion

I am using IIS7 and the Application Request Routing extension to act as a reverse proxy to Subversion running on Apache.

The proxy works fine and I am able to explore the server, and even perform a "check out". However, I cannot browse to files that would normally be forbidden by ASP.NET - for example, .cs, .csproj, and so on. Files ASP.NET wouldn't be concerned with - such as .txt - are fine.

I tried to edit the global web.config to remove the Forbidden handler mapping for these files, but it did not seem to make a difference. Is there any way to allow the URL rewriting module in IIS7 to work, while allowing all file extensions to be rendered?

+2  A: 

Your AAR site will still be backed by a folder somewhere.

In that folder, create a web.config with the following:

<system.webServer>
    <httpHandlers>
        <clear />
    </httpHandlers>
</system.webServer>

This approach:

  1. avoids messing with machine.config;
  2. ensures that your really have cleared out all the mappings, rather than trying to clear them one at a time; and
  3. can be easily backed up or transfered because it's just in a text file.
Tatham Oddie  2009-09-27 13:04:24
That was my initial approach, but it results in a 500 error (and, helpfully, nothing in the event log)
Paul Stovell  2009-09-27 13:16:24
+1  A: 

IIS7 has an applicationHost.config file which has a security section that limits file extensions:

<requestFiltering>
  <fileExtensions allowUnlisted="true" applyToWebDAV="true">
    <add fileExtension=".cs" allowed="false" />
    <add fileExtension=".csproj" allowed="false" />
    <add fileExtension=".vb" allowed="false" />
    <add fileExtension=".vbproj" allowed="false" />
    ....
  </fileExtensions>

More information:

http://learn.iis.net/page.aspx/143/how-to-use-request-filtering/

I added a similar section to my site's web.config and used a <clear /> node to remove all extensions. Now I can serve .cs, .csproj files and others, but I cannot serve .config files yet.

Edit: Removing the hiddenSection nodes corrected this for web.config files too. Here is my local web.config file:

<system.webServer>
  <security>
    <requestFiltering>
      <fileExtensions allowUnlisted="true" applyToWebDAV="true">
        <clear />
      </fileExtensions>
      <verbs allowUnlisted="true" applyToWebDAV="true" />
      <hiddenSegments applyToWebDAV="true">
        <clear />
      </hiddenSegments>
    </requestFiltering>
  </security>
</system.webServer>
Paul Stovell  2009-09-27 13:34:18

related questions

Best strategy to write hooks for subversion in Windows
Database Version Control
Version control PHP Web Project
Experience with SVN vs. Team Foundation Server?
Best SVN Client Ignore Pattern for VB.NET Solutions?
SVN merge merged extra stuff
What is your favorite web app deployment workflow with SVN?
Integrating Fogbugz with TortoiseSVN with no URL/Subversion backend
Version Control. Getting started...
ASP.NET Display SVN Revision Number
How do I create a branch in SVN?
What do the result codes in svn mean?
Could you recommend a good free project hosting website?
Federated (Synced) Subversion servers?
Mechanisms for tracking DB schema changes
What are the advantages of using SVN over CVS?
Use SVN Revision to label build in CCNET
Best subversion client for Mac OS
Why is Git better than Subversion?
ASP.NET, Visual Studio and Subversion - how to integrate?
Best Practice: Collaborative Environment, Bin Directory, SVN
How do I sync the SVN revision number with my ASP.NET web site?
Best Subversion clients for Windows Vista (64bit)
Good branch/merge tutorials for Tortoise SVN?
How can you get Subclipse in Aptana to work with the newest release of Subversion?