IIS HTTP Error 404 for .cs and .config files
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Problem
Bitbucket is unable to view .cs and .config files in commits or in pull requests and the following message appears when try to visualise a .cs or .config file in a commit:
Server Error
HTTP Error 404 - File or directory not found.
Description: The resource you are looking for might have been removed,
had its name changed, or is temporarily unavailable.
Server Version Information: Internet Information Services 7.0.
Diagnosis
Environment
- Windows Server.
- Internet Information Services (IIS) configured as reverse proxy.
Cause
When you install the .NET Framework and register ASP.NET for IIS it will by default tell IIS to not serve these files.
This is generally considered a safe choice being .cs and .config files sensitive in case you are deploying .NET applications.
Resolution
Change the web.config for the website removing restrictions for file extensions served:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="http://internal_bitbucket_hostname:7990/{R:1}" />
</rule>
</rules>
<outboundRules>
<rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1" enabled="false" stopProcessing="true">
<match filterByTags="A, Area, Form, Img, Link, Script" pattern="^http(s)?://(.*@)?hostname:7990/(.*)" />
<action type="Rewrite" value="http{R:1}://{R:2}external_bitbucket_hostname.com/{R:3}" />
</rule>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
<security>
<requestFiltering>
<fileExtensions applyToWebDAV="false">
<!-- The following statement removes all the request filtering -->
<clear />
</fileExtensions>
</requestFiltering>
</security>
</system.webServer>
</configuration>
Note that now all the extensions will now be served by IIS if you want to tailor the change just to allow .cs and .config you can use the following section:
<system.webServer>
...
<security>
<requestFiltering>
<fileExtensions>
<remove fileExtension=".cs" />
<remove fileExtension=".config" />
<add fileExtension=".cs" allowed="true" />
<add fileExtension=".config" allowed="true" />
</fileExtensions>
</requestFiltering>
</security>
</system.webServer>