我有一个使用ColdBox构建的站点,并试图从 URL 中删除 /index.cfm/。我使用下面的 web.config 文件在 IIS7 上运行的 ColdFusion 9 上运行良好,但我无法让它在 CF10/IIS7.5 上运行。安装了重写模块,并且包含 index.cfm(即 index.cfm/product/1)的 SES URL 可以正常工作。我知道 CF10 现在在 Tomcat 而不是 JRun 上运行,并且开箱即用的 Tomcat 不支持 SES URL,但据我了解,CF 团队明确添加了对它们的支持(并且确实检查了 web.xml 文件表明是真的。)我真的不相信这是一个 ColdBox 特定的问题,而是 CF10/Tomcat 和 IIS7.5 之间的问题。
注意:我没有直接访问网络服务器的权限,但正在与托管服务提供商合作。无论如何,我也不是 IIS 专业人士。最后,不,Apache 不是一个选项 - 相信我,我希望不是这样;-)
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<defaultDocument>
<files>
<clear />
<add value="index.cfm" />
<add value="Default.htm" />
<add value="Default.asp" />
<add value="index.htm" />
<add value="index.html" />
<add value="iisstart.htm" />
<add value="default.aspx" />
</files>
</defaultDocument>
<rewrite>
<rules>
<rule name="SQL Injection - EXEC" stopProcessing="true">
<match url="^.*EXEC\(@.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - CAST" stopProcessing="true">
<match url="^.*CAST\(.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - DECLARE" stopProcessing="true">
<match url="^.*DECLARE.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - DECLARE%20" stopProcessing="true">
<match url="^.*DECLARE%20.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - NVARCHAR" stopProcessing="true">
<match url="^.*NVARCHAR.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - sp_password" stopProcessing="true">
<match url="^.*sp_password.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="SQL Injection - xp" stopProcessing="true">
<match url="^.*%20xp_.*$" />
<action type="CustomResponse" url="/includes/templates/404.html" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
</rule>
<rule name="Application Adminsitration" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll">
<add input="{SCRIPT_NAME}" pattern="^/(.*(CFIDE|cfide|CFFormGateway|jrunscripts|railo-context|fckeditor)).*$" ignoreCase="false" />
</conditions>
<action type="None" />
</rule>
<rule name="Flash and Flex Communication" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{SCRIPT_NAME}" pattern="^/(.*(flashservices|flex2gateway|flex-remoting)).*$" ignoreCase="false" />
</conditions>
<action type="Rewrite" url="index.cfm/{PATH_INFO}" appendQueryString="true" />
</rule>
<rule name="Static Files" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll">
<add input="{SCRIPT_NAME}" pattern="\.(bmp|gif|jpe?g|png|css|js|txt|pdf|doc|xls)$" ignoreCase="false" />
</conditions>
<action type="None" />
</rule>
<rule name="RESTful Applications (not working yet)" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll">
<add input="{SCRIPT_NAME}" pattern="^/(.*(rest)).*$" ignoreCase="false" />
</conditions>
<action type="None" />
</rule>
<rule name="Insert index.cfm" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="index.cfm/{PATH_INFO}" appendQueryString="true" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>