0

IIS logging has logged that a specific GET request as been redirected.

Here is the relevant entry (ip address removed):

2021-10-06 02:48:59 xx.xx.xx.xx GET /test - 80 - xx.xxx.x.xxx Mozilla/5.0+(Windows+NT+6.1;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/93.0.4577.82+Safari/537.36 - 301 0 0 1

The application /test consists of a single index.php file that echo's the word 'hello'.

There are no url redirect rules set up in IIS. Nor are there any calls to header()

Any ideas as to how to determine why a redirect would occur on a simple web application like this? Or tips on how one can find out the cause?

For context, the server which this simple application runs on sits behind an AWS load balancer. However, the redirect definitely is occuring on the IIS server and not in some firewall or network configuration.

Additionally, the redirect only occurs when there is no "/" on the end. If there is a "/" on the end, it works. (status code = 200). I have more detailed info in this question here

Notaras
  • 611
  • 1
  • 14
  • 44
  • Like reading the PHP source code? – Lex Li Oct 06 '21 at 03:14
  • @LexLi the source code consists of one file with one `echo` statement. – Notaras Oct 06 '21 at 04:24
  • 2
    Is that the single PHP file in the whole web site? Anyway FRT should tell you where 301 comes from https://learn.microsoft.com/en-us/iis/troubleshoot/using-failed-request-tracing/troubleshooting-failed-requests-using-tracing-in-iis – Lex Li Oct 06 '21 at 04:45

1 Answers1

1

This is IIS built-in behavior. When a URL maps to a directory and the trailing slash is missing, IIS sends a redirect to add the slash. It is known as a "courtesy redirect", as explained here.

Olivier
  • 13,283
  • 1
  • 8
  • 24
  • It turns out that my larger issue was because AWS was sending http requests to the web server, not https. so when the "courtesy redirect" was occuring, it was sending back a http url to the browser instead of https. – Notaras Oct 29 '21 at 05:17