locked
IIS URL Rewrite Rule RRS feed

  • Question

  • User-1837900864 posted

    I have URL Rewrite rule in IIS 10 to enforce all <g class="gr_ gr_15 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" id="15" data-gr-id="15">http</g> request to https this way and it works <g class="gr_ gr_17 gr-alert gr_gramm gr_inline_cards gr_run_anim Grammar multiReplace" id="17" data-gr-id="17">perfect</g>.

    <rewrite>
          <rules>
            <rule name="HTTP/S to HTTPS Redirect" enabled="true" stopProcessing="true">
              <match url="(.*)" />
              <conditions logicalGrouping="MatchAny">
                <add input="{SERVER_PORT_SECURE}" pattern="^0$" />
              </conditions>
              <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" />
            </rule>
          </rules>
        </rewrite>

    Here comes the <g class="gr_ gr_25 gr-alert gr_gramm gr_inline_cards gr_run_anim Punctuation multiReplace" id="25" data-gr-id="25">twist..</g> I am hosting one ClickOnce application on the same server and when installer try to download the application then it gives error URLDownloadToCacheFile failed with HRESULT '-2146697202' Error: An error occurred trying to download

    Although URL is <g class="gr_ gr_21 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" id="21" data-gr-id="21">propery</g> accessed via <g class="gr_ gr_26 gr-alert gr_gramm gr_inline_cards gr_run_anim Grammar only-ins doubleReplace replaceWithoutSep" id="26" data-gr-id="26">browser</g> which is mentioned in this error.

    As per <g class="gr_ gr_19 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" id="19" data-gr-id="19">microsoft</g> documents error description is

    if the setup URL of the ClickOnce application being installed is redirected from a non-secure to a secure site (or vice-versa), the installation will fail because the Internet Explorer warning interrupts it.

    ** Installer is using IE internally to download the manifest file

    Now to tackle this situation I have made IP binding with my site in IIS <g class="gr_ gr_20 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del" id="20" data-gr-id="20">so <g class="gr_ gr_33 gr-alert gr_tiny gr_spell gr_inline_cards gr_disable_anim_appear ContextualSpelling multiReplace" id="33" data-gr-id="33">i</g></g> would access the file with IP but when I do access the site with IP then the above rule also trigger for it and redirects to HTTPS and browser give an error again <g class="gr_ gr_31 gr-alert gr_gramm gr_inline_cards gr_run_anim Grammar only-ins replaceWithoutSep" id="31" data-gr-id="31">because</g> hostname mismatch in SSL Certs. I want to bypass this redirect rule for my site when it browsed with IP.

    I <g class="gr_ gr_16 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" id="16" data-gr-id="16">donot</g> know how I can modify the above rule by having <g class="gr_ gr_22 gr-alert gr_gramm gr_inline_cards gr_run_anim Grammar only-ins doubleReplace replaceWithoutSep" id="22" data-gr-id="22">additional condition</g> or what will be the new rule to bypass this https redirection when access via IP.

    Sunday, December 17, 2017 3:48 PM

All replies

  • User61956409 posted

    Hi ArslanP,

    <o:p></o:p>Welcome to ASP.NET forum.

    <o:p>

    I want to bypass this redirect rule for my site when it browsed with IP.
     </o:p>

    To achieve it, you can try to specify additional logical operations in Conditions collection.<o:p></o:p>

    <o:p></o:p><o:p>

    <add input="{HTTP_HOST}" pattern="xxx.xxx.xxx.xxx" negate="true" />
    <add input="{SERVER_PORT_SECURE}" pattern="^0$" />
    </o:p>

    With Regards, <o:p></o:p>

    Fei Han<o:p></o:p>

    Monday, December 18, 2017 7:26 AM
  • User-1837900864 posted

    Hi Fei Han,

    Thanks for your reply.

    I tried as you suggested but it <g class="gr_ gr_61 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" id="61" data-gr-id="61">doesnot</g> work.

    Here is my final code snippet.

    <rewrite>
          <rules>
            <rule name="HTTP/S to HTTPS Redirect" enabled="true" stopProcessing="true">
              <match url="(.*)" />
              <conditions logicalGrouping="MatchAny">
                            <add input="{SERVER_PORT_SECURE}" pattern="^0$" />
                            <add input="{HTTP_HOST}" pattern="109.203.xxx.xxx" negate="true" />
              </conditions>
              <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" />
            </rule>
          </rules>
        </rewrite>

    When I enable this rule then http and https redirect with domain name does not work and its stuck in some loop and after sometime browser says its unexpected redirects and when I try to access with IP then it redirects to https.

    Monday, December 18, 2017 11:56 AM
  • User753101303 posted

    Hi,

    And it doesn't work if you are just using an https link to your ClickOnce application?

    Monday, December 18, 2017 12:20 PM
  • User-1837900864 posted

    I just tried to open the website from <g class="gr_ gr_138 gr-alert gr_gramm gr_inline_cards gr_run_anim Grammar only-ins doubleReplace replaceWithoutSep" id="138" data-gr-id="138">browser</g> and in that case website was not opening either. TBH I <g class="gr_ gr_174 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" id="174" data-gr-id="174">didnot</g> tried with <g class="gr_ gr_192 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" id="192" data-gr-id="192">clickonce</g> application but I am sure it will not work.

    Regards,

    Monday, December 18, 2017 12:31 PM
  • User991499041 posted

    Hi ArslanP,

    Have you tried to get help from clickonce related forum: https://social.msdn.microsoft.com/Forums/windows/en-US/home?forum=winformssetup

    Regards,

    zxj

    Monday, December 25, 2017 8:27 AM