NCIOCPL / glossary-api

API for Dictionary of Cancer Terms, Dictionary of Genetics Terms, and other Glossary documents.

Search for terms beginning with 'bin' is blocked by IIS #134

Closed blairlearn closed 3 years ago

blairlearn commented 3 years ago

Issue description

Searching for terms beginning with 'bin' (e.g. https://webapis.cancer.gov/glossary/v1/Terms/search/Cancer.gov/Patient/en/bin?matchType=Begins&size=100) results in a 404 response instead of a search.

This is because of "bin" appearing as a path fragment. In order to prevent sensitive files (e.g. configuration data and binaries) from being exposed on the web, IIS defaults to disallowing URLs with "bin" as one of the fragments.

This also applies to autosuggest, e.g. https://webapis.cancer.gov/glossary/v1/Autosuggest/Cancer.gov/Patient/en/bin?matchType=Begins&size=20

ESTIMATE 20

Steps to reproduce the issue

  1. Browse to https://webapis.cancer.gov/glossary/v1/Terms/search/Cancer.gov/Patient/en/bin?matchType=Begins&size=100

What's the expected result?

What's the actual result?

Additional details / screenshot

Related Tickets

blairlearn commented 3 years ago

I propose we remove bin from IIS' list of hidden segments. The API has no bin directory anyhow, so this isn't actually protecting anything. (Unlike web forms applications, the API's binaries and configuration files aren't intermixed with content files. Content, such as the build-info.json is served from a separate wwwroot directory, a level below the code which implements the API.)

The default list of hidden items is

Aside from bin, the rest seem unlikely search terms.
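One way to apply the change proposed above, as an added example that is not part of this issue or the project's own configuration: a site-level web.config fragment that removes only the `bin` entry from IIS request filtering's hidden segments, leaving the rest of the default list in force. It assumes the site's web.config is deployable by the API and that the `requestFiltering` section is not locked at the server level (its default override mode allows site-level changes).

```xml
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.webServer>
    <security>
      <requestFiltering>
        <hiddenSegments>
          <!-- Remove the IIS default that blocks any URL containing a "bin" segment,
               so /Terms/search/.../bin and /Autosuggest/.../bin reach the API.
               Only appropriate because this API keeps its binaries and config
               outside the content root (wwwroot); other hidden segments such as
               web.config remain blocked because the list is not cleared here. -->
          <remove segment="bin" />
        </hiddenSegments>
      </requestFiltering>
    </security>
  </system.webServer>
</configuration>
```

After deploying, a request to a search path ending in `/bin` should return the normal JSON result instead of the 404 produced by request filtering, which can be confirmed by checking that the 404 no longer carries IIS's request-filtering substatus (404.8) in the site's logs.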