I have Sonar Qube server running fine with Apache Tomcat, and a reverse proxy with URL Rewrite in IIS. The reverse proxy maps the domain name to the localhost:9000 address for Sonar Qube just fine, but the java script files embedded in the home page do not run. In Chrome's dev tools I get this error (company sensitive names have been made generic in this error output):
Refused to execute script from 'http://sonarqube.company.us/sonar/js/vendor.foo.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
Refused to execute script from 'http://sonarqube.company.us/sonar/js/app.bar.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
I've followed the instructions on this dev blog post to the letter to no avail (it's a 3 part series, part 3 addresses this specific problem): https://blogs.msdn.microsoft.com/friis/2016/08/25/iis-with-url-rewrite-as-a-reverse-proxy-part-3-rewriting-the-outbound-response-contents/
Has anyone come up against this before and solved it?
It looks like that the setup of your reverse proxy is incorrect because the mimetypes of JavaScript files are incorrect.
Can you remove the configuration of overwriting the mime types ?
The one sent by SonarQube should be preserved.
Related
My Jenkins is running on https://myhost:9043 using the standalone war on Linux with the below command.
java -jar jenkins.war
However, when I try the following URL for say https://myhost:9043/<any random text> the resource uri is obviously not found.
The problem, however, is I get output in the browser as
HTTP 404 error URI not found Powered by Jetty://9.4.27.vXXXX
I wish not to reveal the Jetty version.
Is there a way to display a custom error page for incorrect URIs thus avoiding revealing the Jetty version? If not, can I somehow hide the Jetty version from being displayed to anonymous users?
I'm not a pure java programmer but just a DevOps admin.
You can override the Jetty version with adding to your command line -Djetty.version=NOTHING
Otherwise I created the issue https://issues.jenkins-ci.org/browse/JENKINS-62890 to have a custom error page from users
Hi All I am getting below error, There is no publishing error. and also checked by deploying a MVC core 2.1 application which is generated by VS 2017 and the application also contains the font file. In that it does not produce any error and runs fine. But the project its giving below exception and the details are...
The page you are requesting cannot be served because of the extension configuration. If the page is a script, add a handler. If the file should be downloaded, add a MIME map.
Most likely causes:
It is possible that a handler mapping is missing. By default, the static file handler processes all content.
The feature you are trying to use may not be installed.
The appropriate MIME map is not enabled for the Web site or application. (Warning: Do not create a MIME map for content that users should not download, such as .ASPX pages or .config files.)
If ASP.NET is not installed.
Things you can try:
In system.webServer/handlers:
Ensure that the expected handler for the current page is mapped.
Pay extra attention to preconditions (for example, runtimeVersion, pipelineMode, bitness) and compare them to the settings for your application pool.
Pay extra attention to typographical errors in the expected handler line.
Please verify that the feature you are trying to use is installed.
Verify that the MIME map is enabled or add the MIME map for the Web site using the command-line tool appcmd.exe.
To set a MIME type, use the following syntax: %SystemRoot%\windows\system32\inetsrv\appcmd set config /section:staticContent /+[fileExtension='string',mimeType='string']
The variable fileExtension string is the file name extension and the variable mimeType string is the file type description.
For example, to add a MIME map for a file which has the extension ".xyz": appcmd set config /section:staticContent /+[fileExtension='.xyz',mimeType='text/plain']
Warning: Ensure that this MIME mapping is needed for your Web server before adding it to the list. Configuration files such as .CONFIG or dynamic scripting pages such as .ASP or .ASPX, should not be downloaded directly and should always be processed through a handler. Other files such as database files or those used to store configuration, like .XML or .MDF, are sometimes used to store configuration information. Determine if clients can download these file types before enabling them.
Install ASP.NET.
Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click here.
Detailed Error Information:
Module StaticFileModule
Notification ExecuteRequestHandler
Handler StaticFile
Error Code 0x80070032
Requested URL https://~1GpsLearning:80/Content/fonts/glyphicons-halflings-regular.woff
Physical Path D:\Program Files (x86)\SiteExtensions\Kudu\79.20129.3767\Content\fonts\glyphicons-halflings-regular.woff
Logon Method Anonymous
Logon User Anonymous
It was the issue of up-gradation from 2.0 to 2.1, SO I created a fresh application in 2.1 core and just implemented my other code as it is and every thing worked fine and is running on azure very smoothly.
I have configured a webserver on localhost with https using Microsoft IIS Administration. I am able to browse directory with files with browsers and Visual Studio using localhost prefixed with https, such as https://localhost/trial etc.
I wish to upload a file to the said directory, ie., trial, using Libcurl to test some features. Unfortunately I'm unable to do so.
Using the same Libcurl example as given on
Libcurl File Upload
-modified for https, the console window tells me that the following has occurred, upon running the code :
IIS 10.0 Detailed Error - 405.0 - Method Not Allowed
HTTP Error 405.0 - Method Not Allowed The page you are
looking for cannot be displayed because an invalid method (HTTP verb)
is being used.
I checked the IIS Administrator and saw that all authorizations are allowed. I suppose the fact that it is flagging a HTTP verb issue rather than HTTPS as I'd enabled and used as URL in code isn't a big thing?
Libcurl uses PUT for uploading files, so should be an allowed verb.
I am quite new to this, so I'm not certain I did something incorrect with the setting up of the webserver, or whether there are security issues or permission issues which are causing a problem here.
As far as I know, there is impossible to use http put or post a file to a IIS web application's folder without writing server-side code. Otherwise, configure an FTP site on your IIS installation. Then you could use ftp command to upload the file.
If you really need using HTTP put or post to upload the file, you could consider using WebDav.
More details about what is webdev and how to use it, you could refer to below article.
https://learn.microsoft.com/en-us/iis/install/installing-publishing-technologies/installing-and-configuring-webdav-on-iis
https://learn.microsoft.com/en-us/iis/get-started/whats-new-in-iis-7/what39s-new-for-webdav-and-iis-7
Try hostname instead of localhost
Add a trailing slash (/) for the directory.
Confluence IIS Reverse Proxy Setup
I have set up a reverse proxy on IIS 7.5 for Atlassian Confluence according to instructions found in the internet.
I wanted to redirect all traffic to "docs.unimaze.com" to "localhost:8090" on the same server.
This is how I did it:
Installed URL Rewrite 2.0
Installed Application Request Routing 3.0
Set up a reverse proxy rule:
Match URL: Matches the pattern (.*) using regular expressions (ignore case)
Conditions: (none)
Server variables: (none)
Action: Rewrite with http://localhost:8090/{R:1} (append to query string and stop processing of subsequent rules.
The only other thing I had to in order to make everything work (from https://serverfault.com/questions/76013/iis6-vs-iis7-and-iis7-5-handling-urls-with-plus-sign-in-base-not-querystr) was to run this command on the server so that URL's with "plus signs" in the URL's would be allowed.
%windir%\system32\inetsrv\appcmd set config "WebSiteName"
-section:system.webServer/security/requestFiltering -allowDoubleEscaping:true
Problem with external redirects
Confluence itself, seems to work perfectly BUT when attempting to edit a module from an external application (LucidChart Diagrams it fails), because a redirection to the external application also is rewritten, e.g. an attempt is made to redirect to this URL:
http://docs.unimaze.com/documents/edit/4b157fd9-8e28-4d70-8587-0fdd0839fbca?callback=...
when the redirect should actually be to the external application, so it should remain untouched by the rewriting rule:
https://www.lucidchart.com/documents/edit/4b157fd9-8e28-4d70-8587-0fdd0839fbca?callback=...
Is there an easy way to solve this?
This here helped: appcmd.exe set config -section:system.webServer/proxy /reverseRewriteHostInResponseHeaders:"False" -commit:apphost
In UI, the setting corresponding to this action on the Application Request Routing in IIS on the server node (select „Server Proxy Settings“) should be unchecked.
However, this had the effect that the page can not be loaded in Internet Explorer 11 L
The page is shown, but with empty space where the diagram is and it tries loading something forever.
In Firefox and Chrome it works fine.
I have no idea why it "freezes" in IE 11. Will check from other machines to see if this is always happening or not.
The easiest way to handle this is to take advantage of IIS host headers and make the proxied site believe it is responding as www.example.com:80 rather than localhost:8080. It turns out the AAR reverse proxy has an equivalent of Apache's ProxyPerserveHost setting it just isn't very well documented nor exposed in the UI.
To enable this setting you will need to open an elevated shell and run:
%windir%\system32\inetsrv\appcmd.exe set config -section:system.webServer/proxy -preserveHostHeader:true
Then configure the target site to listen at 127.0.0.1:80 with the appropriate host header and then configure the proxy to proxy back to localhost with the request and it should line up.
Having a strange issue - we have a page that uses a query string to get some information, this query string happens to contain the word set. When this happens, the page returns a 406 error (Client browser does not accept the MIME type of the requested page.)
The URL looks like example.com/folder/file.asp?variable=sunset boulevard. If I change the space to %20 it still returns 406.
On my local machine running IIS 5.x this doesn't happen, on our test server running IIS 7.x this doesn't happen, only on our production server running IIS 7.x over SSL. Note however that a self signed certificate on my local machine over SSL still doesn't produce the error.
So my question is, what does the set keyword in the URL tell IIS to do and is there an easy way to avoid it happening? I would like to avoid changing the space to a different character if possible.
Does your server have additional filters installed? Smells like the work of an agressive filter designed to prevent certain types of attack.