Web interface not working with IIS HTTP Proxy

[sashaqwert]

Decided to deploy rdpx on ports 80 and 443 via IIS URL Rewriting so as not to disable other IIS based sites. I used a proxy not for the root, but for /RemoteAppX (RAWeb is hosted in /RemoteApp and functions normally)

Screenshot

web.config from /RemoteAppX:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                    <match url="(.*)" ignoreCase="true" />
                    <action type="Rewrite" url="http://127.0.0.1:8080/{R:1}" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>

UPD I found the reason (but not the solution): Requests are coming in correctly. In the HTML code of the response, the links go as if the proxy was running from the root directory "/".

I am looking for options for replacing the answer ...

IIS URL Rewriting: https://www.iis.net/downloads/microsoft/url-rewrite

Application request routing: https://www.iis.net/downloads/microsoft/application-request-routing

---

UPD: You can also suggest alternative solutions on how to get rdpx to work on IIS.

[artomlinson]

Looks like you're missing the outbound configuration. This should have been created automatically if you added the Reverse Proxy rule through the IIS GUI

web.config example

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <outboundRules>
                <rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
                    <match filterByTags="A, Form, Img" pattern="^http(s)?://localhost:8080/(.*)" />
                    <action type="Rewrite" value="http{R:1}://your.domain.com/{R:2}" />
                </rule>
                <preConditions>
                    <preCondition name="ResponseIsHtml1">
                        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
                    </preCondition>
                </preConditions>
            </outboundRules>
            <rules>
                <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                    <match url="(.*)" />
                    <action type="Rewrite" url="http://localhost:8080/{R:1}" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>

I was rewriting a whole site for this (bound to a different port) rather than a Virtual Directory so your results may vary but I can't see why it wouldn't work

[sashaqwert]

Thanks! Unfortunately for the catalog it didn't work. Of all rdpx, only authorization works. Next - error 500.

Screenshot

I'll try to deploy this to another IIS site later.

[artomlinson]

The subdirectory shouldn't be included; line 8 of your web.config should read <action type="Rewrite" value="http{R:1}://pc.sccraft.ru/{R:2}" />

[sashaqwert]

The same result.

Screenshot

Remains to create one more IIS site (and release 1 more SSL) ...

[sashaqwert]

I created a separate site. On it with the proposed config does not work. There was such an error:

Screenshot

Uncaught TypeError: document.getElementById(...) is null
    recreatecards https://rdpx.pc.sccraft.ru/js/ui.js:6
    readfromserver https://rdpx.pc.sccraft.ru/js/config.js:227
    jQuery 8
        c
        fireWith
        l
        o
        send
        ajax
        i
        getJSON
    readfromserver https://rdpx.pc.sccraft.ru/js/config.js:225
    <anonymous> https://rdpx.pc.sccraft.ru/js/config.js:4

The bug is present in Firefox but not in Edge (based on Chromium). There are no errors anywhere without a proxy.

---

The new Android client (10.X) passes authentication with Windows authentication set on the proxy, but receives data indefinitely.

Results

Bottle v0.12.18 server starting up (using WSGIRefServer())...
Listening on http://0.0.0.0:8080/
Hit Ctrl-C to quit.

127.0.0.1 - - [22/Jan/2022 17:47:38] "GET /webfeed HTTP/1.1" 200 8267

[MrBrianGale]

The same result.

Screenshot

Remains to create one more IIS site (and release 1 more SSL) ...

Was just looking at this one and the web side reports a 500 error, but rdpx is reporting a 401 error. 401 is not authorized (ie not logged in) error. Also, your very first screenshot clearly states you are on an unsupported OS. Are you certain that this will ever work with the wrong OS?

It is also odd that firefox doesn't support java's getelementbyid as that is pretty standard. I imagine that bug is fixed as you posted this a while back.

As a thought though (a good step when troubleshooting stuff like this) - does it work if you don't use a URL rewrite and don't use a proxy? The reason I ask is it is USUALLY best to get it working with a "minimal custom config" and then slowly add things in until it works. Makes troubleshooting the issues a LOT easier. Last thought - that looks like it's all HTTP traffic in the first set of screenshots then https for the mobile screenshots. Webapps URL requires HTTPS (obviously) - do you have a trusted certificate chain going back to a CA that your mobile device trusts? If the cert isn't trusted, the mobile app won't be happy and depending on the app, it may fail or give an error or retry indefinitely or who knows... never know how the app developer decided to handle a bad cert error.

[thefiredragon]

@sashaqwert I have a little question, do I understand it right that feeds are working if I'm using IIS as proxy instead nginx? ( Newer MS Remote App client's)

[sashaqwert]

@thefiredragon Yes, but only with old Android app and Windows.

[thefiredragon]

Okay so for the newer clients we need to investigate the changes between client - server. Thank you for the fast response.