ISS tells me 500.52 Outbound rewrite rules cannot be applied when the content of the HTTP response is encoded (“gzip”)
Going into deep when setting the following works: Goto Compression Page and disable “Enable dynamic content compression”
Can this information be added to the readme for other folks?
attachted you will find a working web.config for IIS Reverse Proxy to be fully compatible with Sentry. It took quite a lot of work to find out every strange IIS behavior and fix it to have a fully working Sentry
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<outboundRules>
<rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
<match filterByTags="A, Form, Img" pattern="^http(s)?://sentry_host:9000/(.*)" />
<action type="Rewrite" value="http{R:1}://public_host/{R:2}" />
</rule>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
<rules>
<clear />
<!-- remove this rule if lets encrypt is not required -->
<rule name="LetsEncrypt" stopProcessing="true">
<match url=".well-known/acme-challenge/*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false" />
<action type="None" />
</rule>
<!-- remove this rule if redirecting to https is not required-->
<rule name="Enforce HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{REQUEST_URI}" />
</rule>
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="http://sentry_host:9000/{R:1}" />
</rule>
</rules>
</rewrite>
<!-- dynamic compression must be disabled-->
<urlCompression doStaticCompression="true" doDynamicCompression="false" />
<security>
<!-- otherwise the + sign from prefix@version+sha will not work -->
<requestFiltering allowDoubleEscaping="true" />
</security>
</system.webServer>
<system.web>
<!-- otherwise the : sign from eventSlug within /organizations/:orgId/performance/:eventSlug/ route will not work -->
<httpRuntime requestPathInvalidCharacters="*,%,?,\,&,<,>" />
</system.web>
</configuration>
Note:
sentry_host has to be replaced with the IP adress where sentry is running
public_host is the host which is used to reach the sentry instance from the internet