URL重写-从客户端检测到潜在危险的Request.Path值 [英] URL Rewrite - A potentially dangerous Request.Path value was detected from the client
问题描述
我有许多URL重写规则(它们都在下面列出).当我浏览"http://domain.com"时,我被转发到"http://www.domain.com/R:",并显示消息从客户端(:)检测到潜在的危险Request.Path值". ."我希望能够浏览不带"www"的网站并正确转发.我不确定如何更新或添加到现有的重写规则.这是.Net网站.我希望社区中的任何人可以给我任何提示.
I have a number of URL rewrite rules in place (they are all listed below). When I browse "http://domain.com" I am forwarded to "http://www.domain.com/R:" with the message of "A potentially dangerous Request.Path value was detected from the client (:)." I want to be able to browse the site without "www" and be forwarded correctly. I am not sure how to update or add to my existing rewrite rules. This is .Net site. I am hoping someone in the community can give me any hints.
<rewrite>
<rules>
<clear />
<rule name="Change to Lower" enabled="true">
<match url="[A-Z]" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Redirect" url="{ToLower:{URL}}" redirectType="Permanent" />
</rule>
<rule name="Redirect to WWW" enabled="true" stopProcessing="true">
<match url=".*" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^domain.com$" />
</conditions>
<action type="Redirect" url="http://www.domain.com/R:{0}" redirectType="Permanent" />
</rule>
<rule name="Redirect StockNo" stopProcessing="true">
<match url="^vehicles/detail/default\.aspx$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_METHOD}" pattern="^POST$" negate="true" />
<add input="{QUERY_STRING}" pattern="^stockno=([^=&]+)$" />
</conditions>
<action type="Redirect" url="{C:1}" appendQueryString="false" />
</rule>
<rule name="Rewrite StockNo" stopProcessing="true">
<match url="^([0-9a-z\ ]+)$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="vehicles/detail/default.aspx?stockno={R:1}" />
</rule>
<rule name="Redirect StockNo And Desc" enabled="false" stopProcessing="true">
<match url="^vehicles/detail/default\.aspx$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_METHOD}" pattern="^POST$" negate="true" />
<add input="{QUERY_STRING}" pattern="^stockno=([^=&]+)&desc=([^=&]+)$" />
</conditions>
<action type="Redirect" url="{C:1}/{C:2}" appendQueryString="false" />
</rule>
<rule name="Rewrite StockNo And Desc" enabled="false" stopProcessing="true">
<match url="^([0-9a-z]+)/([0-9]{4}[^/]+)/?$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="vehicles/detail/default.aspx?stockno={R:1}&desc={R:2}" />
</rule>
<rule name="Redirect StockNo Desc And Vin" stopProcessing="true">
<match url="^vehicles/detail/default\.aspx$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_METHOD}" pattern="^POST$" negate="true" />
<add input="{QUERY_STRING}" pattern="^stockno=([^=&]+)&desc=([^=&]+)&vin=([^=&]+)$" />
</conditions>
<action type="Redirect" url="{C:1}/{C:2}/{C:3}" appendQueryString="false" />
</rule>
<rule name="Rewrite StockNo Desc And Vin" stopProcessing="true">
<match url="^([0-9a-z]+)/([0-9]{4}[^/]+)/([0-9a-z]+)/?$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="vehicles/detail/default.aspx?stockno={R:1}&desc={R:2}&vin={R:3}" />
</rule>
<rule name="Redirect Make And Model" stopProcessing="true">
<match url="^vehicles/default\.aspx$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_METHOD}" pattern="^POST$" negate="true" />
<add input="{QUERY_STRING}" pattern="^make=([^=&]+)&model=([^=&]+)$" />
</conditions>
<action type="Redirect" url="{C:1}/{C:2}" appendQueryString="false" />
</rule>
<rule name="Rewrite Make And Model" stopProcessing="true">
<match url="^([a-z\ ]+)/([a-z\ ]+)/?$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="vehicles/default.aspx?make={R:1}&model={R:2}" />
</rule>
<rule name="Redirect Make Model And SubModel" stopProcessing="true">
<match url="^vehicles/default\.aspx$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_METHOD}" pattern="^POST$" negate="true" />
<add input="{QUERY_STRING}" pattern="^make=([^=&]+)&model=([^=&]+)&submodel=([^=&]+)$" />
</conditions>
<action type="Redirect" url="{C:1}/{C:2}/{C:3}" appendQueryString="false" />
</rule>
<rule name="Rewrite Make Model And SubModel" stopProcessing="true">
<match url="^([a-z\ ]+)/([a-z\ ]+)/([a-z\ ]+)/?$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="vehicles/default.aspx?make={R:1}&model={R:2}&submodel={R:3}" />
</rule>
<rule name="Redirect Make An Offer StockNo" stopProcessing="true">
<match url="^Vehicles/Make-An-Offer\.aspx$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_METHOD}" pattern="^POST$" negate="true" />
<add input="{QUERY_STRING}" pattern="^stockno=([^=&]+)$" />
</conditions>
<action type="Redirect" url="Vehicles/Make-An-Offer/{C:1}" appendQueryString="false" />
</rule>
<rule name="Rewrite Make An Offer StockNo" stopProcessing="true">
<match url="^Vehicles/Make-An-Offer/([^/]+)/?$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="Vehicles/Make-An-Offer.aspx?stockno={R:1}" />
</rule>
<rule name="Redirect Make An Offer StockNo And Desc" stopProcessing="true">
<match url="^Vehicles/Make-An-Offer\.aspx$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_METHOD}" pattern="^POST$" negate="true" />
<add input="{QUERY_STRING}" pattern="^stockno=([^=&]+)&desc=([^=&]+)$" />
</conditions>
<action type="Redirect" url="Vehicles/Make-An-Offer/{C:1}/{C:2}" appendQueryString="false" />
</rule>
<rule name="Rewrite Make An Offer StockNo And Desc" stopProcessing="true">
<match url="^Vehicles/Make-An-Offer/([^/]+)/([^/]+)/?$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="Vehicles/Make-An-Offer.aspx?stockno={R:1}&desc={R:2}" />
</rule>
<rule name="Redirect to Default" enabled="true">
<match url="(.*)default.aspx" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="Redirect" url="{R:1}" redirectType="Permanent" />
</rule>
<rule name="Add Trailing Slash" enabled="true">
<match url="[^/]$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{URL}" pattern="\.axd$" ignoreCase="false" negate="true" />
</conditions>
<action type="Redirect" url="{URL}/" appendQueryString="false" redirectType="Permanent" />
</rule>
</rules>
<outboundRules>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
<rewriteMaps>
<rewriteMap name="test" />
</rewriteMaps>
推荐答案
在您的第二条规则中, R:似乎没有放在方括号中:
In your 2nd rule, it looks like the R: is not enclosed in brackets:
http://www.domain.com/R:{0}
应该是http://www.domain.com/{R:0}
这篇关于URL重写-从客户端检测到潜在危险的Request.Path值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!