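IIS reverse proxy returns 403 for OPTIONS requests

Time: 2017-05-16 17:10:04

Tags: iis reporting-services proxy http-headers reverse-proxy

I set up a reverse proxy so that SSRS can be called from behind our firewall. It mostly works, but I am trying to get the preflight OPTIONS requests working and keep getting a 403. Am I missing a configuration change? I have seen other posts where people return 200 for OPTIONS requests. Can this be done through a reverse proxy?

web.config (for the reverse proxy)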

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
    <validation validateIntegratedModeConfiguration="false" />
    <security>
      <authorization>
        <add accessType="Allow" users="*" verbs="GET,POST,PUT,OPTIONS" />
      </authorization>
      <requestFiltering>
        <verbs applyToWebDAV="false">
          <add verb="OPTIONS" allowed="true" />
        </verbs>
      </requestFiltering>
    </security>
    <handlers>
      <remove name="OPTIONSVerbHandler" />
      <add name="MyOPTIONSVerbHandler" path="*" verb="OPTIONS" modules="StaticFileModule" requireAccess="None" />
    </handlers>
    <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
        <add name="Access-Control-Request-Headers" value="Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization, Access-Control-Allow-Origin,Access-Control-Request-Headers,Access-Control-Allow-Credentials" />
        <add name="Access-Control-Request-Methods" value="GET, PUT, POST, DELETE, HEAD, OPTIONS" />
        <add name="Access-Control-Allow-Headers" value="Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization, Access-Control-Allow-Origin,Access-Control-Request-Headers,Access-Control-Allow-Credentials" />
        <add name="Access-Control-Allow-Methods" value="GET, PUT, POST, DELETE, HEAD, OPTIONS" />
        <add name="Access-Control-Allow-Credentials" value="true" />
        <add name="Access-Control-Max-Age" value="1728000" />
      </customHeaders>
    </httpProtocol>
    <rewrite>
      <rules>
        <rule name="ReverseProxyInboundRule1" stopProcessing="true">
          <match url="(.*)" />
          <action type="Rewrite" url="http://my-ssrs-url/{R:1}" />
          <serverVariables>
            <set name="HTTP_Authorization" value="Basic {omitted}" />
          </serverVariables>
        </rule>
      </rules>
      <outboundRules>
        <preConditions>
          <preCondition name="ResponseIsHtml1">
            <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
          </preCondition>
        </preConditions>
      </outboundRules>
    </rewrite>
  </system.webServer>
</configuration>

Chrome headers:

Request URL:http://my-reverseproxy-url:8088/reports/api/v1.0/CatalogItems(86f0591c-8eb5-4951-9ca3-d16a847d6dd6)/Model.DataSet/Model.GetData?maxRows=
Request Method:OPTIONS
Status Code:403 Forbidden
Remote Address:172.20.32.200:8088
Referrer Policy:no-referrer-when-downgrade
Response Headers
view source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization, Access-Control-Allow-Origin,Access-Control-Request-Headers,Access-Control-Allow-Credentials
Access-Control-Allow-Methods:GET, PUT, POST, DELETE, HEAD, OPTIONS
Access-Control-Allow-Origin:*
Access-Control-Max-Age:1728000
Access-Control-Request-Headers:Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization, Access-Control-Allow-Origin,Access-Control-Request-Headers,Access-Control-Allow-Credentials
Access-Control-Request-Methods:GET, PUT, POST, DELETE, HEAD, OPTIONS
Cache-Control:private
Content-Length:0
Date:Tue, 16 May 2017 16:58:53 GMT
Server:Microsoft-IIS/8.5
Set-Cookie:XSRF-NONCE=QxQVNGHrnygkOO5pESdPWSX7gD7N9IkyDFZeb8SSZeI%3D; path=/reports; HttpOnly
Set-Cookie:XSRF-TOKEN=voBxCxC7FAtwDnRDx%2B4tQ0UfBThZFcmq2cF0nwCbtKK%2FB6%2FI4TFt8lDA9OXmNABaAD4tKL2ygGnvp1MkucOgTqDlN3khUOaV8f2LbFWuMthkjOoH%2BcCXRWrmnx9akYOmRdPRyIB9Kxjq9Lz0px1%2BME6NtYvNnyxhUlnaczusO8k5wLNvo8OqTFB751b%2Fqm9E; path=/reports
X-Content-Type-Options:nosniff
X-Powered-By:ASP.NET
X-Powered-By:ARR/3.0
Request Headers
view source
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:content-type,x-xsrf-token
Access-Control-Request-Method:POST
Connection:keep-alive
Host:my-reverseproxy-url:8088
Origin:http://my-ssrs-url
Referer:http://my-ssrs-url/reports/api/v1.0/SafeGetSystemResourceContent(type='mobilereportruntime',key='web')?v=3.9.118
User-Agent:Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Query String Parameters
view source
view URL encoded
maxRows:

Chrome console:

OPTIONS http://my-reverseproxy-url:8088/reports/api/v1.0/CatalogItems(86f0591c-8eb5-4951-9ca3-d16a847d6dd6)/Model.DataSet/Model.GetData?maxRows= 403 (Forbidden)

XMLHttpRequest cannot load http://my-reverseproxy-url:8088/reports/api/v1.0/CatalogItems(86f0591c-8eb5-4951-9ca3-d16a847d6dd6)/Model.DataSet/Model.GetData?maxRows=. Response for preflight has invalid HTTP status code 403

0 answers:

No answers
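
The captured preflight above can be checked against the rules a browser applies to a CORS preflight response. The following JavaScript is an added example, not code from the question or from IIS; it goes beyond the 403 itself and also checks origin, method and header allowances. The header values are copied from the capture, while `checkPreflight`, the object field names and the `withCredentials` flag are assumptions made for illustration.

```javascript
// Added example, not code from the question. Header values are copied from the
// capture above; `withCredentials` is an assumption (the capture does not show it).
const capturedRequest = {
  origin: "http://my-ssrs-url",
  method: "POST",                        // Access-Control-Request-Method
  headers: "content-type,x-xsrf-token",  // Access-Control-Request-Headers
};
const capturedResponse = {
  status: 403,
  allowOrigin: "*",
  allowCredentials: "true",
  allowMethods: "GET, PUT, POST, DELETE, HEAD, OPTIONS",
  allowHeaders: "Content-Type,X-Requested-With,accept,Origin," +
    "Access-Control-Request-Method,Access-Control-Request-Headers,Authorization, " +
    "Access-Control-Allow-Origin,Access-Control-Request-Headers,Access-Control-Allow-Credentials",
};

const tokens = (v) => (v || "").split(",").map((s) => s.trim().toLowerCase()).filter(Boolean);

// Returns the reasons a browser would reject this preflight (empty array = accepted).
function checkPreflight(req, res, withCredentials) {
  const problems = [];
  if (res.status < 200 || res.status > 299) problems.push(`status ${res.status} is not 2xx`);
  if (res.allowOrigin === "*") {
    if (withCredentials) problems.push("wildcard Access-Control-Allow-Origin with credentials");
  } else if (res.allowOrigin !== req.origin) {
    problems.push("Access-Control-Allow-Origin does not match Origin");
  }
  if (withCredentials && res.allowCredentials !== "true") {
    problems.push("Access-Control-Allow-Credentials is not true");
  }
  // "*" in Allow-Methods / Allow-Headers only counts as a wildcard without credentials.
  const wildcard = (items) => !withCredentials && items.includes("*");
  const methods = tokens(res.allowMethods);
  const safelisted = ["get", "head", "post"]; // simplification: compared case-insensitively
  const method = req.method.toLowerCase();
  if (!safelisted.includes(method) && !methods.includes(method) && !wildcard(methods)) {
    problems.push(`method ${req.method} not in Access-Control-Allow-Methods`);
  }
  const allowed = tokens(res.allowHeaders);
  for (const name of tokens(req.headers)) {
    if (!allowed.includes(name) && !wildcard(allowed)) {
      problems.push(`header ${name} not in Access-Control-Allow-Headers`);
    }
  }
  return problems;
}
console.log(checkPreflight(capturedRequest, capturedResponse, true));
```

For the captured exchange this reports the 403 status and the missing `x-xsrf-token` entry in `Access-Control-Allow-Headers`, plus the wildcard origin when the request is sent with credentials. A 200 status alone would therefore not be enough for the browser to accept this preflight.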