Sanibel Logic LLC

...Scalable Technologiesfor the Enterprise

Regular Expression Syntax Testing and Validation

Another common question I get some from licensees of SSLRedirect, HttpCompressionAgent and nUrlRewriter is how to construct meaningful Regular Expressions which will match an incoming URL for the licensee's intended conditions.   Of course, it is my intention to use Regular Expressions within these products because Regular Expressions are an effective tool for testing a broad range of conditions.  However, it is not my intention to educate you on Regular Expression syntax.  I have found a number of Internet sources for such Regular Expression syntax knowledge....simply by Googling "Regular Expressions".

I did develop a Test Regular Expression web page, which allows you to key in an incoming string, followed by a Regular Expression string to see if the Regular Expression will match the incoming string.  CLICK HERE to use this Regular Expression test web page.

The Test Regular Expression web page is illustrated below:

RETest

Regular Expression String Encoding

Sanibel Logic has a number of products which utilize Regular Expressions.  One common question asked by licensees is how to encode Regular Expression strings within the web.config file.  Because the web.config conforms to rules for HTML encoding, any such string must first be HTML encoded, as provided by the .NET System.Web.HttpUtility.HtmlEncode method.  After the string is HTML encoded then we must consider Regular Expression special characters, which must be escaped and include the following special characters:

  • "\" - Backslash
  • "^" - Carat
  • "." - Period
  • "[" - Left bracket
  • "$" - Dollar sign
  • "(" - Left parenthesis
  • ")" - Right parenthesis
  • "|" - Pipe
  • "*" - Asterisk
  • "+" - Plus
  • "?" - Question mark
  • "{" - Left curly bracket

SSLRedirect uses Regular Expression values within the web.config SSLRedirect configuration section, within the urlsIn and urlsOut Xml tags.

HttpCompressionAgent also uses Regular Expression values within its web.config HttpCompression configuration section, within the mimeTypes, urls, assemblies and urlReferrers Xml tags.

To shortcut the process of browsing the Internet, so one can determine how to HTML encode and properly allow for Regular Expression special characters, I have written a basic web transaction which will transform an input Regular Expression string.   Click HERE to try the Regular Expression transformation web transaction.

Sample output from the Regular Expression Transformation web transaction is included for your benefit below...

Regular Expression Transformation Web Transaction

SSLRedirect Interoperability with ISA Server 2006

In certain senarios, SSLRedirect HTTPS:// redirected URLs will be changed back to HTTP:// URLs by the Microsoft ISA Server 2006, resulting in an endless loop between SSLRedirect and ISA Server 2006.  This is a problem with ISA Server 2006, however can be fixed with an ISA Server 2006 configuration change.

Symptom is outlined as:

  • You have a computer that is running Microsoft Internet Security and Acceleration (ISA) Server 2006 or Microsoft Internet Security and Acceleration (ISA) Server 2004 in a split DNS infrastructure. 
  • You have a Web server that automatically redirects HTTP requests to Secure Socket Layer (SSL) requests (in this case; SSLRedirect).
  • You create a Web publishing rule for the Web server that redirects HTTP requests to HTTPS.
  • You use one of the following configurations:
    • You configure the Web listener to listen for HTTP requests and also to use bridging. 
    • You configure the Web listener and the bridging for both HTTP and for SSL requests (HTTPS). 

In this scenario, when the Web server receives an HTTP request, it redirects the request to the ISA server as an SSL request (HTTPS).

For example, http://www.contoso.com is redirected to https://www.contoso.com.Then, the ISA server translates SSL requests to HTTP requests and redirects it back to the Web server. This causes an endless loop.

The resolution for the ISA Server 2006 problem is outlined in Microsoft Knowledge Base article 924373 .  In the KB article, follow the method 2 explicit mapping configuration change.

Here is an email from a licensee who configured the ISA Server 2006 fix as outlined in the above KB article:

Email_3

DotNetNuke (DNN) 4.8.4 Login Problem

A problem has been reported with DotNetNuke 4.8.4 which is problematic for SSLRedirect.  The problem occurs during the DNN login process.  This DNN 4.8.4 problem has been reported to the DNN support team, and they plan a timely release of 4.8.5, as documented in this discussion thread:

http://www.dotnetnuke.com/Community/Forums/tabid/795/forumid/118/threadid/235241/scope/posts/Default.aspx

The above discussion thread is rather lengthy, six web pages actually, however after reading this thread I think you will conclude to skip over DNN 4.8.4.

Verifying SSL Certificate Installation

Probably the most frequent SSLRedirect installation problem is the fact that one's SSL Certificate is not properly installed beforehand.  I truly believe in a "process of elimination" when it comes to problem isolation, so I would suggest that the easiest thing to do to verify one's SSL Certificate installation is to first create a native HTML Hello World web page (HelloWorld.html).   Once created and one is sure that the SSL Certficate has been installed properly and the web site bindings are properly defined within IIS (port 80 for HTTP traffic and usually port 443 for HTTPS traffic), then simply try invoking the HelloWorld.html web page to ensure its usage with both HTTP and HTTPS.  Use of the simple HelloWorld.html web page will bypass SSLRedirect and any content management system, such as DotNetNuke.  If the HelloWorld.html web page works properly with both HTTP and HTTPs then you are set to try SSLRedirect with your real world web site environment.