403 error with ServiceStack

Just a quick note on request which fails with 403 Forbidden error when served with ServiceStack host.

First of all, the above file is a Javascript source map file, which browsers like Chrome can use to assist in debugging minified javascript source.

The minified file angular.min.js has this:


And the map file has to exist in the same location as the minified file.

ServiceStack host has to know about this to be able to respond to such requests. This is good because it does no allow some odd files to be retrieved therefore minifies the attack surface.

So, when you need to allow ServiceStack to respond with files, having whatever file extension and define proper mime type for it, use the snippet below. This has to go into the app host's Configure method override:

var hostConfig = new HostConfig  
        HandlerFactoryPath = "api/v1",
        MetadataRedirectPath = "/",

MimeTypes.ExtensionMimeTypes["map"] = "application/javascript";