堆栈内存溢出
  简体   繁体   English

IIS URL重写:服务多个文件时,如何可靠地保持相对路径?

[英]IIS URL Rewriting: How can I reliably keep relative paths when serving multiple files?

 原文  2010-05-25 23:09:05       c#/ iis-7/ url-rewriting/ url-routing/ asp.net

问题描述

My WebApp is part CMS , and when I serve up an HTML page to the user it typically contains relative paths in a.href and img.src attributes. 我的WebApp是CMS的一部分,当我为用户提供HTML页面时,它通常在a.hrefimg.src属性中包含相对路径。

I currently have them accessed by urls like: ~/get-data.aspx/ instance /user/page.html -- where instance indicates the particular instance for the report and "user/page.html" is a path created by an external application that generates the content. 我目前可以通过以下网址访问它们: 〜/ get-data.aspx / instance /user/page.html-其中instance表示报告的特定实例,而“ user / page.html”是由外部创建的路径生成内容的应用程序。

This works pretty reliably with code in the application's BeginRequest method that translates the text after ".aspx" into a query string, then uses Context.RewritePath() . 这与应用程序的BeginRequest方法中的代码非常可靠地工作,该方法将“ .aspx”之后的文本转换为查询字符串,然后使用Context.RewritePath()

So far so good, but I've just tripped over something that took me by surprise: it appears that if any of the query string (" instance /user/page.html ") happens to contain a plus sign ("+") the BeginRequest method is never called, and a 404 is immediately returned to the user. 到目前为止,一切都很好,但是我刚经历了让我惊讶的事情:看来,如果任何查询字符串(“ instance /user/page.html ”)碰巧包含一个加号(“ +”)永远不会调用BeginRequest方法,并且会立即将404返回给用户。

So my question is two-fold: 所以我的问题有两个:

  1. Am I correct in my belief that a "+" would cause the 404, and if so are there other things that could cause similar problems? 我是否相信“ +”会导致404错误,如果是的话,是否还有其他可能导致类似问题的原因呢? Is there a way around that problem (perhaps a different method than BeginRequest )? 有没有办法解决这个问题(也许与BeginRequest不同的方法)?

  2. Is there a better way to preserve relative URL paths for generated content than what I'm using? 是否有比我正在使用的方法更好的方法来为生成的内容保留相对的URL路径? I'd rather not require site admins to install a 3rd party rewrite tool if I can help it. 如果可以,我宁愿不需要站点管理员安装第三方重写工具。

1 个解决方案

解决方案1
 0 已采纳  2010-05-25 23:36:45

Yes this is an IIS security setting. 是的,这是IIS安全设置。 You can get round it by putting this in your web config. 您可以通过将其放入Web配置中来解决它。 

<system.webServer>
<security>
    <requestFiltering allowDoubleEscaping="True"/>
</security>
</system.webServer>

However youmight have to be carefull what you are doing. 但是,您可能必须小心自己在做什么。 With double escaping enabled it will allow an escaped url to itself contain escape characters that could be used to exploit your url rewriting to pass escaped characters into your querystring to construct a different querystring than you intend. 启用双重转义后,它将允许转义的URL自身包含转义字符,这些转义字符可用于利用您的url重写将转义的字符传递到查询字符串中,以构造与预期不同的查询字符串。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 即使路径中包含百分比编码的部分,如何可靠地获取实际的URL? - How can I reliably get the actual URL, even when there are percent-encoded parts in the path? 网址重写-构建路径 - url rewriting - build paths URL使用Webforms ASP.net 4和IIS6路由相对路径 - URL routing relative paths with webforms ASP.net 4 and IIS6 如何在原型文件导入语句中使用相对路径? - How can I use relative paths in proto file import statement? ASP.NET:相对路径在部署IIS时不起作用 - Asp.net: relative paths not working when deployed IIS IIS网址重写IP地址 - IIS Url Rewriting IP Address 如何在执行多个查询时保持Connection处于打开状态? - How can I keep a Connection open when performing multiple queries? 全局在IIS上提供.cshtml文件 - Serving .cshtml files on IIS globally 创建文件时,如何可靠地(异步)从目录移动文件? - How can I reliably move files (asynchronously) from a directory as they're being created? 我应该如何组合两条路径,包括向后相对路径? - How should I combine two paths including backwards relative paths?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM