Xojo webapp Vs. IIS/app with domain certificate

oscar_morotti · September 7, 2024, 10:52am

Hi to all,

this is my situation: VPS with windows server 2022, IIS, domain
name and certificate for https. All work properly, I can see https://www.mydomain.com and I create a little app with asp.NET, I configure it like an app under IIS default website and I can see it by https://www.mydomain.com/asptest.

Now I try to configure some Xojo Webapps with IIS default website like an app, so I can use the url https://www.mydomain.com/appname1 for first app, https://www.mydomain.com/appname2 for second and so on.

I’m not a specialist about IIS.

I read documentation about how to use IIS (for example Windows IIS Deployment).

I create a windows service and now I can see my app by http://www.mydomain.com:port.

After I create an app in IIS Manager with name and physical path to the folder with all files about my Xojo app, I create a URL Write, and all seams to be ok.

When I try to open https://www.mydomain.com/appname1 I see a blank page, if I look inside browser development tools I see a message about missing css resources.

Can someone help me by suggesting what I need to check? Is it a problem about missing resources or other things about IIS configuration?

Thank you,

Oscar
000
001
002
003

Greg_O · September 7, 2024, 1:16pm

In the reverse proxy settings, you also need outbound rules to convert the local host address back into a domain name

Greg_O · September 7, 2024, 3:32pm

Scratch that. IIS doesn’t support rewriting when the content is compressed with gzip compression. I was able to get this working however…

For anyone that stumbles on this, there’s a few pieces you’ll need to install:

Install IIS (seems obvious, but it’s not enabled by default on non-server versions of Windows)
Download and install the IIS URL Rewrite Module from the Microsoft website.
Download and install the Application Request Routing (ARR) module from the Microsoft website.
Open IIS Manager and go to the Server Level by clicking on the server name.
Double-click the Application Request Routing Management item.
On the right-hand side, click Server Proxy Settings.
Check the Enable Proxy checkbox.
Select your website in the left-hand panel.
Double-click URL Rewrite.
On the right side, click Add Rule(s).
Choose Blank Rule under Inbound Rules and click OK.
Configure the rule:
1. Match URL:
  1. Requested URL: Matches the Pattern
  2. Using: Regular Expressions
  3. Pattern = (.*)
  4. Ignore case: checked
2. Action
  1. Action Type: Rewrite
  2. Rewrite URL: http://127.0.0.1:8080/{R:1}
  3. Append query string: checked
  4. Stop processing of subsequent rules: checked
Click the Apply button on the right-hand side
Click the Back to Rules button on the right-hand side
Select your website on the left-hand panel again.
Click the Restart button in the right-hand panel VERY IMPORTANT

The Rewrite URL in step 12.2.2 should match the port number that your Xojo app is running on. I used 8080 because that was what I set in my Xojo project.

oscar_morotti · September 7, 2024, 3:50pm

Hi Greg,

thanks for your reply.
I followed your instructions step by step, something has changed but unfortunately it still doesn’t work. Now the page shown by the browser is no longer blank but an error 500 appears.

Can I check other?

Thank you,

Oscar

Greg_O · September 7, 2024, 4:13pm

What does the error say on the browser window? Not the developer tools

Greg_O · September 7, 2024, 4:15pm

Remove the outbound rule.

oscar_morotti · September 7, 2024, 4:58pm

Hi Greg,
with inbound and outbound rules with firefox I have error 500, with chrome after some minute with circle wait icon appear error 503.
Now I remove the outbound rules and I update you.
Thank you,
Oscar

PS I see always my app if I open http://www.mydomain.com/myapp

oscar_morotti · September 7, 2024, 5:03pm

Hi Greg,
by removing outbound rules I have the previous situation, the browser show a blank page. In the URL bar I can see my valid certificate, but nothing else.

Thank you,
Oscar

Greg_O · September 7, 2024, 6:41pm

Can you show a screenshot of the incoming rule?

Greg_O · September 7, 2024, 8:15pm

Ok, so I did a little work here with a self-signed certificate (since I don’t have a real cert to try at the moment)

Here are screenshots of IIS, SSL Settings and the one Inbound Rule I’m using, as well as screenshots of Edge and Firefox showing the app running…

NOTE: I set up local DNS and was able to get it working with an actual domain using these settings as well…

oscar_morotti · September 8, 2024, 7:24am

Hi Greg,
I think all settings are the same but I can’t see Xojo application webpage.
Here the screenshot.
Thank you,
Oscar

Greg_O · September 8, 2024, 12:34pm

Try it without the dawesa subfolder and see if that works. Then we can work from there.

Greg_O · September 8, 2024, 4:07pm

Ya know, the fact that if you change the action on that rule to a redirect and it just works makes this feel like a bug in IIS. Everything I’m reading says this should work the way we’re putting it in, but in redirect mode, it serves up the files in the target directory instead of following the rule.

Greg_O · September 8, 2024, 8:24pm

Ok, so it looks like this inability to serve apps this way is actually a Xojo issue. I’m not going to call it a “bug” per se, but it looks like what the web framework is doing is tacking whatever is in App.URL + "/" in front of all of the initial resources when a session first starts up. If instead they only did that when App.URL is not empty, this would work a lot better.

At the very least, if there were a way to specify that the app was running behind a proxy and that the “/” shouldn’t be added, that would at least get you where you need to be.

@Ricardo_Cruz

Tim_Parnell · September 8, 2024, 9:53pm

I believe there’s a launch parameter you’re supposed to use when the Xojo Web app resides at a non-root URL. I thought it was added specifically to support apps.at/subpaths/.

Is this related at all? I’m fuzzy on specifics because I never needed the subpathed app urls.

Greg_O · September 9, 2024, 1:09am

I’d be delighted if that were the case, but I can’t find any docs that describe such a parameter.

FWIW - ChatGPT thinks it’s
--baseurl=/subdirectory

Anthony_G_Cyphers · September 9, 2024, 1:21am

https://documentation.xojo.com/topics/application_deployment/web/deployment_details.html

Greg_O · September 9, 2024, 1:42am

Interesting… I looked here:

https://documentation.xojo.com/api/web/webapplication.html#description

all the way at the bottom, there’s a chart of command-line parameters, and BaseURL is not among them.

Greg_O · September 9, 2024, 2:05am

Ok, so that works. To sum up:

When you launch your service, add a command-line parameter like this:

c:\inetpub\yourapp\yourapp.exe --baseurl=/subdirectory

In IIS, you should right-click on your site and create an application with a virtual path of subdirectory. I suggest that the physical directory be empty or just contain a blank index.html file so end-users can’t inadvertently access your app’s contents if the app goes down or IIS is misconfigured.

You should add a URL Rewrite rule configured like this:


Requested URL:	Matches the Pattern
Using:	Regular Expressions
Pattern	`(.*)`
Ignore Case	Checked
Conditions	None
Server Variables	None
Action Type	Rewrite
Rewrite URL	`http://127.0.0.1:8080/{R:1}`
Append query string	Checked
Stop Processing of subsequent rules	Checked

It may also be worth creating your own set of Error Pages for your app as the one for 502.3 - Bad Gateway exposes a lot of information that you might not want a user to know.

oscar_morotti · September 9, 2024, 5:27am

Hi Greg and all other,
I make the configuration, now all work perfectly!
Thanks so much for the help,
Oscar