Disable IIS request filtering for specific paths

Question

Disable IIS request filtering for specific paths

Is there a way to configure IIS 7.0+ (or 7.5+) in such a way that request filtering is completely disabled for certain paths. I.e

http://host.local/foo/bar.cs

prohibited (since applicationHost.config does not allow *.cs files to be submitted), but

 http://host.local/foo/allow-all/bar.cs

allowed.

+4

iis iis-7

Anton Gogolev Jun 13 '12 at 16:37

source share

1 answer

vcsjones · Answer 1 · 2012-06-13T16:56:01+0000

In your allow-all directory, you can create a web.config file with the following configuration:

 <configuration> <system.webServer> <security> <requestFiltering> <fileExtensions> <remove fileExtension=".cs" /> </fileExtensions> </requestFiltering> </security> <staticContent> <mimeMap fileExtension=".cs" mimeType="text/plain" /> </staticContent> </system.webServer> </configuration>

This configuration removes the .cs extension from query filtering. In addition, in order for IIS to properly serve content, it needs a MIME type, so the .cs extension is added as / plain text.

These changes also apply to all allow-all child directories. This configuration works with the integrated application pool. The classic may require additional changes, as there are HTTP handlers that explicitly forbid .cs as well.

Disable IIS request filtering for specific paths

More articles: