英文:
IIS' ARR module is changing the Location header of a 302 Redirect
问题
我的后端是一个使用NodeJS构建的服务器,具有以下CORS配置:
app.use(cors({
origin: ['https://example.com', 'https://destination.com'],
allowedHeaders: ['Origin','Accept','X-Requested-With','Content-Type']
}));
当NodeJS后端发送一个302 Found响应时,IIS会替换位置;一个重定向到destination.com/endpoint?p=v会变成example.com/endpoint?p=v。以下是来自IIS“失败请求跟踪”的日志:
135. NOTIFY_MODULE_START ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotification="false" 01:16:27.109
136. ARR_REQUEST_HEADERS_START 01:16:27.109
137. ARR_REQUEST_HEADERS_END 01:16:27.125
138. ARR_RESPONSE_HEADERS_START 01:16:27.125
139. ARR_RESPONSE_HEADERS_END 01:16:27.125
140. MODULE_SET_RESPONSE_SUCCESS_STATUS ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", HttpStatus="302", HttpReason="Found" 01:16:27.125
141. GENERAL_SET_RESPONSE_HEADER HeaderName="Content-Length", HeaderValue="0", Replace="true" 01:16:27.125
142. GENERAL_SET_RESPONSE_HEADER HeaderName="Location", HeaderValue="https://destination.com/foo/bar?p=v", Replace="true" 01:16:27.125
143. GENERAL_SET_RESPONSE_HEADER HeaderName="Vary", HeaderValue="Origin", Replace="true" 01:16:27.125
144. GENERAL_SET_RESPONSE_HEADER HeaderName="X-Powered-By", HeaderValue="Express", Replace="false" 01:16:27.125
145. GENERAL_SET_RESPONSE_HEADER HeaderName="Location", HeaderValue="https://example.com/foo/bar?p=v", Replace="true" 01:16:27.125
146. GENERAL_SET_RESPONSE_HEADER HeaderName="X-Powered-By", HeaderValue="ARR/3.0", Replace="false" 01:16:27.125
147. NOTIFY_MODULE_END ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", NotificationStatus="1" 01:16:27.125
148. NOTIFY_MODULE_COMPLETION ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", CompletionBytes="0", ErrorCode="The operation completed successfully.
(0x0)" 01:16:27.125
149. ARR_RESPONSE_ENTITY_START 01:16:27.125
150. ARR_RESPONSE_ENTITY_END Bytes="0" 01:16:27.125
151. NOTIFY_MODULE_END ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", NotificationStatus="1" 01:16:27.125
152. NOTIFY_MODULE_COMPLETION ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", CompletionBytes="0", ErrorCode="The operation completed successfully.
(0x0)" 01:16:27.125
153. NOTIFY_MODULE_END ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"
以下是现有的重写规则:
<rules>
<clear />
<rule name="Upgrade" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{REQUEST_METHOD}" pattern="POST" negate="true" />
<add input="{REQUEST_METHOD}" pattern="FOUND" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
<rule name="Backend" stopProcessing="true">
<match url="backend/(.*)" />
<action type="Rewrite" url="http://localhost:3001/{R:1}" />
</rule>
<rule name="React Router" enabled="true" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_URI}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="index.html" />
</rule>
</rules>
没有其他带有规则的ARR模块。IIS需要配置CORS吗?谢谢
英文:
My backend is a NodeJS server with the following CORS configuration:
app.use(cors({
origin: ['https://example.com, 'https://destination.com'],
allowedHeaders: ['Origin','Accept','X-Requested-With','Content-Type']
}));
When the NodeJS backend sends a 302 Found response, IIS replaces the location; a redirect to destination.com/endpoint?p=v changes to example.com/endpoint?p=v. Here are the logs from IIS' Failed Request Tracing:
135. NOTIFY_MODULE_START ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotification="false" 01:16:27.109
136. ARR_REQUEST_HEADERS_START 01:16:27.109
137. ARR_REQUEST_HEADERS_END 01:16:27.125
138. ARR_RESPONSE_HEADERS_START 01:16:27.125
139. ARR_RESPONSE_HEADERS_END 01:16:27.125
140. MODULE_SET_RESPONSE_SUCCESS_STATUS ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", HttpStatus="302", HttpReason="Found" 01:16:27.125
141. GENERAL_SET_RESPONSE_HEADER HeaderName="Content-Length", HeaderValue="0", Replace="true" 01:16:27.125
142. GENERAL_SET_RESPONSE_HEADER HeaderName="Location", HeaderValue="https://destination.com/foo/bar?p=v", Replace="true" 01:16:27.125
143. GENERAL_SET_RESPONSE_HEADER HeaderName="Vary", HeaderValue="Origin", Replace="true" 01:16:27.125
144. GENERAL_SET_RESPONSE_HEADER HeaderName="X-Powered-By", HeaderValue="Express", Replace="false" 01:16:27.125
145. GENERAL_SET_RESPONSE_HEADER HeaderName="Location", HeaderValue="https://example.com/foo/bar?p=v", Replace="true" 01:16:27.125
146. GENERAL_SET_RESPONSE_HEADER HeaderName="X-Powered-By", HeaderValue="ARR/3.0", Replace="false" 01:16:27.125
147. NOTIFY_MODULE_END ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", NotificationStatus="1" 01:16:27.125
148. NOTIFY_MODULE_COMPLETION ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", CompletionBytes="0", ErrorCode="The operation completed successfully.
(0x0)" 01:16:27.125
149. ARR_RESPONSE_ENTITY_START 01:16:27.125
150. ARR_RESPONSE_ENTITY_END Bytes="0" 01:16:27.125
151. NOTIFY_MODULE_END ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", NotificationStatus="1" 01:16:27.125
152. NOTIFY_MODULE_COMPLETION ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", CompletionBytes="0", ErrorCode="The operation completed successfully.
(0x0)" 01:16:27.125
153. NOTIFY_MODULE_END ModuleName="ApplicationRequestRouting", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"
These are the existing rewrite rules:
<rules>
<clear />
<rule name="Upgrade" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="^OFF$" />
<add input="{REQUEST_METHOD}" pattern="POST" negate="true" />
<add input="{REQUEST_METHOD}" pattern="FOUND" negate="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
<rule name="Backend" stopProcessing="true">
<match url="backend/(.*)" />
<action type="Rewrite" url="http://localhost:3001/{R:1}" />
</rule>
<rule name="React Router" enabled="true" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
                <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
                        <add input="{REQUEST_URI}" matchType="IsDirectory" negate="true" />
                </conditions>
<action type="Rewrite" url="index.html" />
</rule>
</rules>
There are no other ARR modules with rules in place.
Does IIS need to be configured for CORS? Thanks
答案1
得分: 1
前往您服务器的 IIS 'Home' 页面,然后打开 'Application Request Routing Cache'。在服务器代理设置中有一个标有 'Reverse rewrite host in response headers' 的选项。取消选中该选项解决了我的问题。
英文:
Go to the IIS 'Home' page for your server and open 'Application Request Routing Cache'. There's an option in Server Proxy Settings labelled 'Reverse rewrite host in response headers'. Unchecking that option solved my problem.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论