Gitea v1.8.1 IIS reverse proxy does not load resources(js/css) #3377

New Issue

GiteaMirror · 2025-11-02T05:10:42-06:00

GiteaMirror commented

2025-11-02 05:10:42 -06:00

Originally created by @jigiman on GitHub (May 25, 2019).

Gitea version : 1.8.1
Git version:
Operating system: Windows Server 2012
Database (use [x]):
- PostgreSQL
- MySQL
- MSSQL
- SQLite
Can you reproduce the bug at https://try.gitea.io:
- Yes (provide example URL)
- No
- Not relevant
Log gist:

Description

I have been using gitea v1.7.3 without any issues. Since the new version has been released, i wanted to upgrade.
After upgrade i noticed that the site does not load properly. Looking at the browser console, found few errors. When running the site in http://localhost:3000 it works fine. Just when running behind IIS reverse proxy, the errors exists.

My web.config file contains

<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                    <match url="(.*)" />
                    <action type="Rewrite" url="http://localhost:3000/{R:0}" />
                </rule>
            </rules>
            <outboundRules>
                <preConditions>
                    <preCondition name="ResponseIsHtml1">
                        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
                    </preCondition>
                </preConditions>
            </outboundRules>
        </rewrite>
<security>
        <requestFiltering>
            <fileExtensions>
                <remove fileExtension=".cs" />
				<remove fileExtension=".config" />
                <add fileExtension=".cs" allowed="true" />
                <add fileExtension=".config" allowed="true" />
            </fileExtensions>
        </requestFiltering>
    </security>
    </system.webServer>
</configuration>

...

Originally created by @jigiman on GitHub (May 25, 2019).   - Gitea version : 1.8.1 - Git version: - Operating system: Windows Server 2012 - Database (use `[x]`): - [ ] PostgreSQL - [ ] MySQL - [ ] MSSQL - [x] SQLite - Can you reproduce the bug at https://try.gitea.io: - [ ] Yes (provide example URL) - [x] No - [ ] Not relevant - Log gist: ## Description I have been using gitea v1.7.3 without any issues. Since the new version has been released, i wanted to upgrade. After upgrade i noticed that the site does not load properly. Looking at the browser console, found few errors. When running the site in http://localhost:3000 it works fine. Just when running behind IIS reverse proxy, the errors exists. My web.config file contains ```<?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <rewrite> <rules> <rule name="ReverseProxyInboundRule1" stopProcessing="true"> <match url="(.*)" /> <action type="Rewrite" url="http://localhost:3000/{R:0}" /> </rule> </rules> <outboundRules> <preConditions> <preCondition name="ResponseIsHtml1"> <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" /> </preCondition> </preConditions> </outboundRules> </rewrite> <security> <requestFiltering> <fileExtensions> <remove fileExtension=".cs" /> <remove fileExtension=".config" /> <add fileExtension=".cs" allowed="true" /> <add fileExtension=".config" allowed="true" /> </fileExtensions> </requestFiltering> </security> </system.webServer> </configuration> ...

GiteaMirror closed this issue

2025-11-02 05:10:42 -06:00

GiteaMirror commented

2025-11-02 05:10:43 -06:00

@jigiman commented on GitHub (May 25, 2019):

Screenshot

@jigiman commented on GitHub (May 25, 2019): ## Screenshot ![Screen Shot 2019-05-25 at 10 04 48 AM](https://user-images.githubusercontent.com/11192118/58364660-722b0080-7ed7-11e9-8bdc-0fa88b6845e5.png)

GiteaMirror commented

2025-11-02 05:10:43 -06:00

@lorems commented on GitHub (Jul 8, 2019):

I went from 1.7.5 -> 1.8.3 and don't have any issues.

Here's my config:

IIS 7.5 gitea application authentication

All authentication are disabled except anonymous

app.ini

...
[server]
LOCAL_ROOT_URL   = http://localhost:3000/
SSH_DOMAIN       = localhost
DOMAIN           = app.domain.local
HTTP_PORT        = 3000
ROOT_URL         = https://app.domain.local/gitea/
DISABLE_SSH      = true
SSH_PORT         = 22
LFS_START_SERVER = true
LFS_CONTENT_PATH = C:/gitea/data/lfs
LFS_JWT_SECRET   = xxxxxxxxxxxxxx
OFFLINE_MODE     = false
...

web.config

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                    <match url="(.*)" />
                    <action type="Rewrite" url="http://SERVERNAME:3000/{R:1}" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
	<system.webServer>
		<security>
		  <requestFiltering>
			<fileExtensions allowUnlisted="true">
				<remove fileExtension=".asa" />
				<remove fileExtension=".asax" />
				<remove fileExtension=".ascx" />
				<remove fileExtension=".master" />
				<remove fileExtension=".skin" />
				<remove fileExtension=".browser" />
				<remove fileExtension=".sitemap" />
				<remove fileExtension=".config" />
				<remove fileExtension=".cs" />
				<remove fileExtension=".csproj" />
				<remove fileExtension=".vb" />
				<remove fileExtension=".vbproj" />
				<remove fileExtension=".webinfo" />
				<remove fileExtension=".licx" />
				<remove fileExtension=".resx" />
				<remove fileExtension=".resources" />
				<remove fileExtension=".mdb" />
				<remove fileExtension=".vjsproj"  />
				<remove fileExtension=".java" />
				<remove fileExtension=".jsl"  />
				<remove fileExtension=".ldb" />
				<remove fileExtension=".dsdgm" />
				<remove fileExtension=".ssdgm" />
				<remove fileExtension=".lsad" />
				<remove fileExtension=".ssmap" />
				<remove fileExtension=".cd" />
				<remove fileExtension=".dsprototype" />
				<remove fileExtension=".lsaprototype" />
				<remove fileExtension=".sdm" />
				<remove fileExtension=".sdmDocument" />
				<remove fileExtension=".mdf" />
				<remove fileExtension=".ldf" />
				<remove fileExtension=".ad" />
				<remove fileExtension=".dd" />
				<remove fileExtension=".ldd" />
				<remove fileExtension=".sd" />
				<remove fileExtension=".adprototype" />
				<remove fileExtension=".lddprototype" />
				<remove fileExtension=".exclude" />
				<remove fileExtension=".refresh" />
				<remove fileExtension=".compiled" />
				<remove fileExtension=".msgx" />
				<remove fileExtension=".vsdisco" />
			</fileExtensions>
			<!-- Allow all folders with 'bin', 'App_code', 'App_Data', etc names. --> 
			<hiddenSegments>
			 <clear />
			</hiddenSegments>
		  </requestFiltering>
		</security>
	  </system.webServer>
</configuration>

@lorems commented on GitHub (Jul 8, 2019): I went from 1.7.5 -> 1.8.3 and don't have any issues. Here's my config: **IIS 7.5 gitea application authentication** - All authentication are disabled except anonymous ![image](https://user-images.githubusercontent.com/22122624/60813992-cece3c00-a162-11e9-87c3-556834b13271.png) **app.ini** ```ini ... [server] LOCAL_ROOT_URL = http://localhost:3000/ SSH_DOMAIN = localhost DOMAIN = app.domain.local HTTP_PORT = 3000 ROOT_URL = https://app.domain.local/gitea/ DISABLE_SSH = true SSH_PORT = 22 LFS_START_SERVER = true LFS_CONTENT_PATH = C:/gitea/data/lfs LFS_JWT_SECRET = xxxxxxxxxxxxxx OFFLINE_MODE = false ... ``` **web.config** ```xml <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <rewrite> <rules> <rule name="ReverseProxyInboundRule1" stopProcessing="true"> <match url="(.*)" /> <action type="Rewrite" url="http://SERVERNAME:3000/{R:1}" /> </rule> </rules> </rewrite> </system.webServer> <system.webServer> <security> <requestFiltering> <fileExtensions allowUnlisted="true"> <remove fileExtension=".asa" /> <remove fileExtension=".asax" /> <remove fileExtension=".ascx" /> <remove fileExtension=".master" /> <remove fileExtension=".skin" /> <remove fileExtension=".browser" /> <remove fileExtension=".sitemap" /> <remove fileExtension=".config" /> <remove fileExtension=".cs" /> <remove fileExtension=".csproj" /> <remove fileExtension=".vb" /> <remove fileExtension=".vbproj" /> <remove fileExtension=".webinfo" /> <remove fileExtension=".licx" /> <remove fileExtension=".resx" /> <remove fileExtension=".resources" /> <remove fileExtension=".mdb" /> <remove fileExtension=".vjsproj" /> <remove fileExtension=".java" /> <remove fileExtension=".jsl" /> <remove fileExtension=".ldb" /> <remove fileExtension=".dsdgm" /> <remove fileExtension=".ssdgm" /> <remove fileExtension=".lsad" /> <remove fileExtension=".ssmap" /> <remove fileExtension=".cd" /> <remove fileExtension=".dsprototype" /> <remove fileExtension=".lsaprototype" /> <remove fileExtension=".sdm" /> <remove fileExtension=".sdmDocument" /> <remove fileExtension=".mdf" /> <remove fileExtension=".ldf" /> <remove fileExtension=".ad" /> <remove fileExtension=".dd" /> <remove fileExtension=".ldd" /> <remove fileExtension=".sd" /> <remove fileExtension=".adprototype" /> <remove fileExtension=".lddprototype" /> <remove fileExtension=".exclude" /> <remove fileExtension=".refresh" /> <remove fileExtension=".compiled" /> <remove fileExtension=".msgx" /> <remove fileExtension=".vsdisco" /> </fileExtensions>  <hiddenSegments> <clear /> </hiddenSegments> </requestFiltering> </security> </system.webServer> </configuration> ```

GiteaMirror commented

2025-11-02 05:10:43 -06:00

@lafriks commented on GitHub (Jul 8, 2019):

Closing as fixed, please reopen if there is still a problem

@lafriks commented on GitHub (Jul 8, 2019): Closing as fixed, please reopen if there is still a problem

GiteaMirror referenced this issue

2025-11-02 12:22:00 -06:00

[PR #3377] [MERGED] Add integrations tests from git cli #16913

GiteaMirror referenced this issue

2025-11-02 12:22:01 -06:00

[PR #3384] [MERGED] Remove useless check #16914

Sign in to join this conversation.