get an unencoded url from Url Rewrite IIS module #486

Open
wants to merge 2 commits into
base: master

eugeneagafonov

The URL Rewrite module normalizes some encoded paths in the URL. To get the original request URL we need to get it from the UNENCODED_URL server variable. Since I'm not a pro C++ developer, please review the code thoroughly.

This will resolve these issues:
Url encoded characters get decoded
URLEncoded route parameters are not respected #217

@bdoss

bdoss commented Mar 12, 2016

Ran into this issue as well. Your commit here seems to resolve the issue I was seeing with encoded forward slashes getting decoded. Thanks!

@HCanber

HCanber commented Apr 7, 2016

It seems more reasonable to use UNENCODED_URL.
HTTP_X_ORIGINAL_URL is decoded (a bit contradictory, given the name).

The URL Rewrite Module preserves the original requested URL path in the following server variables:

  • HTTP_X_ORIGINAL_URL – this server variable contains the original URL in decoded format;
  • UNENCODED_URL – this server variable contains the original URL exactly as it was requested by a Web client, with all original encoding preserved.

http://www.iis.net/learn/extensions/url-rewrite-module/url-rewrite-module-configuration-reference#Preserving_Original_URL

…if anyone needs to work with the raw request url
@eugeneagafonov
Author

It appeared that URL decoding was due to the security issues involved, so I added a config value, useUnencodedRequestUrl, which is disabled by default. It can be enabled by adding an iisnode.yml file to the web site root with the following content:

# useUnencodedRequestUrl - controls whether iisnode gets request url from X-Original-URL server variable that gets sanitized by http.sys
# or from UNENCODED_URL, which represents an exact original url. Using the latter option means that the application itself will be
# responsible for possible security issues

useUnencodedRequestUrl: true
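
An added example, not code from this pull request or from iisnode: one way a Node.js application can take on the validation that the comment above leaves to it once useUnencodedRequestUrl is enabled. It assumes the raw URL reaches the application as the request URL string; `parseRawPath`, `BadPathError` and `accepts` are hypothetical names, and the sample URLs in the comments are constructed.

```javascript
'use strict';

// Hypothetical helper (not part of iisnode): turn a raw, still-encoded request
// URL into decoded path segments, rejecting inputs that the sanitized URL
// would otherwise have normalized away.
class BadPathError extends Error {}

function parseRawPath(rawUrl) {
  // Drop query string and fragment; only the path is validated here.
  const path = rawUrl.split(/[?#]/, 1)[0];
  if (!path.startsWith('/')) throw new BadPathError('path must start with /');

  // Split on literal slashes BEFORE decoding, so %2F stays inside one segment
  // (constructed sample: /files/a%2Fb/report -> ['files', 'a/b', 'report']).
  return path.slice(1).split('/').map((raw) => {
    let seg;
    try {
      seg = decodeURIComponent(raw); // decode exactly once; callers must not decode again
    } catch (e) {
      throw new BadPathError('malformed percent-encoding: ' + raw);
    }
    // NUL, other control characters, and backslash (a path separator on Windows).
    if (/[\x00-\x1f\x7f\\]/.test(seg)) throw new BadPathError('forbidden character');
    // Dot segments, whether the whole segment (%2e%2e) or hidden behind an
    // encoded slash (..%2F..%2Fweb.config).
    if (seg.split('/').some((p) => p === '.' || p === '..')) {
      throw new BadPathError('dot segment');
    }
    return seg;
  });
}

// Convenience wrapper: true if the URL passes validation, false if rejected.
function accepts(rawUrl) {
  try {
    parseRawPath(rawUrl);
    return true;
  } catch (e) {
    if (e instanceof BadPathError) return false;
    throw e;
  }
}
```

A segment that still contains percent signs after the single decode, such as `%252e%252e`, is returned as the literal text `%2e%2e`; it only becomes a dot segment if some later layer decodes it a second time.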

@SomaticIT

👍
