I have a server running behind a nginx proxy with SSL on. Testing the Admin front page gives different results on Firefox browser vs Chrome/Chromium browser.
On Firefox is working fine
On Chrome calls are giving 401.
I found particular interesting that running this command on the server access logs
grep auth /var/log/medusa/access.medusa.log | awk '$6=="\"GET" && ($9=="401" || $9=="200") {print $9 " " $14 " " $15 " " $16}'
gives:
401 Linux x86_64) AppleWebKit/537.36
200 Ubuntu; Linux x86_64;
401 Linux x86_64) AppleWebKit/537.36
200 Ubuntu; Linux x86_64;
401 Linux x86_64) AppleWebKit/537.36
200 Ubuntu; Linux x86_64;
401 Linux x86_64) AppleWebKit/537.36
401 Linux x86_64) AppleWebKit/537.36
401 Linux x86_64) AppleWebKit/537.36
401 Linux x86_64) AppleWebKit/537.36
200 Ubuntu; Linux x86_64;
401 Linux x86_64) AppleWebKit/537.36
401 Linux x86_64) AppleWebKit/537.36
...
Nginx configuration file essentially looks like this:
server {
listen 443 http2 ssl;
server_name ***;
ssl_certificate /root/.acme.sh/***.cer;
ssl_certificate_key /root/.acme.sh/***.key;
location ~ {
proxy_pass http://127.0.0.1:9000;
}
}
Obs: I removed some of the options in the above "server" configuration just to compare differences. With this minimal configuration, is still working fine on Firefox.
Obviously, the question is how to get it working on all browsers. Thanks
Related
I do Web app on NextJS with Socket.IO.
When I run my app, everything is fine. But after 2 minutes errors appear.
NGINX logs:
172.19.0.1 - - [12/Sep/2022:16:27:39 +0000] "POST /api/ HTTP/1.1" 200 147 "http://localhost/en" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15"
172.19.0.1 - - [12/Sep/2022:16:27:59 +0000] "GET /_next/webpack-hmr HTTP/1.1" 101 269 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15"
...
172.19.0.1 - - [12/Sep/2022:16:29:21 +0000] "GET /_next/webpack-hmr HTTP/1.1" 101 71 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15"
172.19.0.1 - - [12/Sep/2022:16:29:26 +0000] "GET /_next/webpack-hmr HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.1 Safari/605.1.15"
101 -- fine. 499 -- errors. But nothing happens, where are the errors coming from?
In console I see this error on each 499:
WebSocket connection to 'ws://localhost/_next/webpack-hmr' failed: WebSocket is closed before the connection is established
And this problem only on Safari (MacOS)!
On Chrome everything is okay.
From Next.js 12, HMR (Hot Module Replacement) in development uses a WebSocket connection.
When using Nginx with Next.js you'll have to configure it to pass through the WebSocket request properly.
In some cases when proxying requests to the Next.js dev server, you
will need to ensure the upgrade request is handled correctly. For
example, in nginx you would need to add the following configuration:
location /_next/webpack-hmr {
proxy_pass http://localhost:3000/_next/webpack-hmr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
— Next.js, Upgrade Guide, Next.js' HMR connection now uses a WebSocket
I am trying to change the log format /etc/nginx/nginx.conf to:
http {
log_format custom '3,$time_iso8601,$cookie_binuDid,,IPS,,0,$remote_addr,??,Unknown,N,N,$content_type,content,fetch,N'
'$status,Y,$upstream_response_time,$status,$upstream_response_time,$upstream_response_length,$upstream_response_length'
'"$upstream_http_cache-control",$request_uri,,,,,000000,0,Unknown'
access_log /var/log/nginx/access.log custom;
Yet my access log prints:
220.233.181.158 - - [08/Dec/2019:14:26:08 +0000] "GET /static/js/5.32912c95.chunk.js HTTP/1.1" 304 0 "http://example-3.com/auth" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
I did service nginx restart after the change, with no effect.
I guess there is another configuration file that needs to be changed, but I couldn't figure. Can someone please help? Am I doing something wrong?
Whenever I'm trying to open web application my Nginx access log shows "GET /false HTTP/1.1" 404 206 "https://www.example.com/FeedifySW.js" "Mozilla/5.0 (Linux; Android 6.0; Micromax Q4260 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36" - -
I have searched through all way possible and still couldn't find the solution. Can anyone help?
This is for an nginx server where i have hosted my web application. due to high request counts, sometimes the application crashes
"GET /false HTTP/1.1" 404 206 "https://www.example.com/FeedifySW.js" "Mozilla/5.0 (Linux; Android 6.0; Micromax Q4260 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36" - -
I am using auth-url and auth-signin annotation for authenticating access to app. Problem is that request to URL defined with auth-url is always done with HTTP/1.0 and not with HTTP/1.1 as expected. From logs you can see that all other requests are done with HTTP/1.1.
Version used: nginx-ingress-controller:0.9.0-beta.19
Logs from ELB:
2017-11-30T14:28:30.606436Z dev-sandbox-2cb4 201.137.96.59:58692 10.10.0.101:80 0.000044 0.031215 0.000039 302 302 0 154 "GET https://example.net:443/testing/ HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2
2017-11-30T14:28:30.623944Z dev-sandbox-2cb4 24.134.104.23:40704 10.10.7.144:80 0.000029 0.01263 0.000068 401 401 0 21 "GET https://example.net:443/oauth2/auth HTTP/1.0" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2
2017-11-30T14:28:30.699239Z dev-sandbox-2cb4 201.137.96.59:58692 10.10.3.6:80 0.000028 0.001223 0.000046 302 302 0 395 "GET https://example.net:443/oauth2/start?rd=https://example.net/testing/ HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2
Annotation:
annotations:
ingress.kubernetes.io/auth-url: "https://$host/oauth2/auth"
ingress.kubernetes.io/auth-signin: "https://$host/oauth2/start"
Problem is that in the environment I need to use only 1.1 is allowed.
Is this something to be expected or am I doing something wrong?
Issue can be solved by adding
proxy_http_version 1.1;
under location = {{ $authPath }} block in nginx ingress template.
See https://github.com/kubernetes/ingress-nginx/pull/1787.
I have nginx listening on a server to serve a website www.example.com
I'm trying to redirect www.example.com/iPython to an http-server which serves a temporary iPython notebook and is sitting on the server at port 8000 https://github.com/jupyterhub/configurable-http-proxy
server {
listen 80;
server_name http://xxx.xxx.xxx.xxx;
charset utf-8;
location /iPython {
proxy_pass http://xxx.xxx.xxx.xxx:8000/;
}
}
Here is the log:
nginx_1 | xxx.xxx.xxx.xxx - - [19/Sep/2016:16:14:09 +0000] "GET /iPythontest HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" "-"
web_1 | Not Found: /spawn/iPythontest
nginx_1 | xxx.xxx.xxx.xxx - - [19/Sep/2016:16:14:10 +0000] "GET /spawn/iPythontest HTTP/1.1" 404 9298 "http://xxx.xxx.xxx.xxx/iPythontest" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36" "-"
The server then gets redirected to http://www.example.com/spawn/iPython rather than http://www.example.com/iPython/spawn which returns a 404 error on my site. I would like to make sure all traffic gets redirected in this way, but I'm not sure which directive can accomplish that