3
我有一個使用ColdBox構建的網站,並試圖從URL中刪除/index.cfm/。我在使用下面的web.config文件在IIS7上運行的ColdFusion 9上工作得很好,但不能讓我在CF10/IIS7.5上運行。安裝了rewrite模塊,並且包含index.cfm(即index.cfm/product/1)的SES URL工作得很好。我知道CF10現在運行在Tomcat上而不是JRun上,並且Tomcat不支持SES URL,但從我所瞭解的情況來看,CF團隊明確地增加了對它們的支持(並且實際上檢查web.xml文件表明:是真的)。我真的不相信這是一個ColdBox特定的問題,而是CF10/Tomcat和IIS7.5之間的東西。SES IIS 7.5和ColdFusion 10問題
注意:我沒有直接訪問Web服務器,但正在與託管提供商合作。我也不是任何想象力的IIS專業人員。最後,不,Apache是不是一種選擇 - 相信我,我希望不是這樣;-)
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<defaultDocument>
<files>
<clear />
<add value="index.cfm" />
<add value="Default.htm" />
<add value="Default.asp" />
<add value="index.htm" />
<add value="index.html" />
<add value="iisstart.htm" />
<add value="default.aspx" />
</files>
</defaultDocument>
<rewrite>
<rules>
<rule name="SQL Injection - EXEC" stopProcessing="true">
<match url="^.*EXEC\(@.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - CAST" stopProcessing="true">
<match url="^.*CAST\(.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - DECLARE" stopProcessing="true">
<match url="^.*DECLARE.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - DECLARE%20" stopProcessing="true">
<match url="^.*DECLARE%20.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - NVARCHAR" stopProcessing="true">
<match url="^.*NVARCHAR.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - sp_password" stopProcessing="true">
<match url="^.*sp_password.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - xp" stopProcessing="true">
<match url="^.*%20xp_.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="Application Adminsitration" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll">
<add input="{SCRIPT_NAME}" pattern="^/(.*(CFIDE|cfide|CFFormGateway|jrunscripts|railo-context|fckeditor)).*$" ignoreCase="false" />
</conditions>
<action type="None" />
</rule>
<rule name="Flash and Flex Communication" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{SCRIPT_NAME}" pattern="^/(.*(flashservices|flex2gateway|flex-remoting)).*$" ignoreCase="false" />
</conditions>
<action type="Rewrite" url="index.cfm/{PATH_INFO}" appendQueryString="true" />
</rule>
<rule name="Static Files" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll">
<add input="{SCRIPT_NAME}" pattern="\.(bmp|gif|jpe?g|png|css|js|txt|pdf|doc|xls)$" ignoreCase="false" />
</conditions>
<action type="None" />
</rule>
<rule name="RESTful Applications (not working yet)" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll">
<add input="{SCRIPT_NAME}" pattern="^/(.*(rest)).*$" ignoreCase="false" />
</conditions>
<action type="None" />
</rule>
<rule name="Insert index.cfm" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="index.cfm/{PATH_INFO}" appendQueryString="true" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>