Nginx proxy_pass shows a blank page for wix.com sites - nginx

Basically, I have the same problem as
Proxying site via nginx results in blank page and https://serverfault.com/questions/850923/nginx-proxy-wix-site-shows-only-blank-page-in-browser-or-not-found, however there are no "real" solutions provided and I still have the problem of a blank page
This is my location block
location /compliance {
proxy_set_header Accept-Encoding "";
sub_filter 'wixdomain.wixsite.com' '$host';
sub_filter_once off;
proxy_pass http://wixdomain.wixsite.com/compliance;
}
However, I still see the blank page, I tried multiple other things, such as
sub_filter_types text/html text/javascript application/x-javascript or adding proxy_pass_request_headers on; or adding proxy_set_header Host $host but none of them worked.
Does anyone have an idea why this is happening? no css is loaded, every js is loaded without error (200). I'm not sure what I can do anymore to fix this issue. Could this be related that I'm on localhost:{PORT} and wix somehow disables it anyway for localhost? Should I try it out with a domain or do you see something else what is already wrong here?

In my current company we have a purchase flow (wrote in PHP) to buy a product and landing pages built in wix. We use a proxy to all our landing pages are in the same domain that our purchase flow. Our nginx proxy configuration is the following.
server {
listen 443;
location / {
proxy_ssl_server_name on;
gzip off;
proxy_set_header Accept-Encoding "";
add_header Host mi-portal.wix.com;
proxy_pass_request_headers on;
proxy_http_version 1.1;
proxy_pass https://mi-portal.wix.com/;
}
// Location to use a backend as PHP
}

Adding onto Victor's answer, since it wasn't sufficient for us, as we have included a form on our landingpage.
To serve the wix content at OURDOMAIN.com/info, we used the following configuration:
server {
listen 443;
location ~ ^/info(\/.*)?$ {
resolver 8.8.8.8;
proxy_set_header Accept-Encoding "";
proxy_pass https://XYZ.wixsite.com/info$1;
sub_filter "XYZ.wixsite.com" "OURDOMAIN.com";
sub_filter_once off;
}
location ~ ^/_api(\/.*)?$ {
resolver 8.8.8.8;
proxy_pass https://XYZ.wixsite.com/_api$1;
}
# ...
}
We had to add a sub_filter and setup a proxy_pass back to the wix API.

Related

Nginx in docker routing multiple applications

I have 3 apps that are located in 3 different sites:
auth (localhost:59500)
manage (localhost:59501)
files (localhost:59502)
Manage and files are accessed from a menu in auth
I can access them individually. However, I am unsure of how to set this up in nginx.
This is what I have currently in my nginx conf:
upstream auth {
server auth.web;
}
upstream manage {
server manage.web;
}
upstream files {
server files.web;
}
server {
listen 80;
server_name localhost;
server_tokens off;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
location /{
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_pass http://auth/;
}
location /auth/{
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_pass http://auth/;
}
location /manage/{
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_pass http://manage/;
}
location /files/{
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_pass http://files/;
}
}
My nginx is configured to run on http://localhost:9190
Currently, when I run http://localhost:9190, I get to auth without any issue and am able to login.
However, if I try to access http://localhost:9190/manage/Home, I am able to load the page but all my css shows the error 404. If any error appears, it doesnt go back to http://localhost:9190/manage/Home. Instead, it kicks me back to http://localhost:9190/Home
EDIT:
I have tried this but my css and js scripts still aren't loading. However, I am able to navigate to the manage app
location ^~ /manage{
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_pass http://manage/manage;
}
location ^~ /manage/{
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_pass http://manage/manage/;
}
EDIT2:
I realized that the error css and js files had a Content-Type of text/html
The files that managed to load somehow had application/javascript or text/css
Not sure how to change that.
I managed to find out the answer. There were two changes that needed to happen.
In my webapp, I needed to set a Pathbase in my Startup
app.UsePathBase("/manage");
Then in Nginx,
I needed to set the name in the location like this:
location /Manage/{
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_pass http://manage_svr/Manage/;
}

Sharing location configuration in nginx

I could not decide the best name for the question.
Essentially what I want to achieve is to set a custom allowed body size for a specific location on the webserver.
On the other hand, I was able to achieve the necessary result already with duplicate code, so I am really looking for a way how to make the code reusable and to better understand the observed behavior.
The server reverse-proxies all API requests to the backend service.
In global nginx config /etc/nginx/nginx.conf I set the rule for max allowed body size like so client_max_body_size 50k;.
Then, in individual server config /etc/nginx/conf.d/example.com I have the following config (simplified):
server {
listen 80;
listen [::]:80;
server_name api.example.com www.api.example.com
location ~* /file/upload {
client_max_body_size 100M;
# crashes without this line
proxy_pass http://localhost:90;
#proxy_pass http://localhost:90/file/upload; # also works
}
location / {
# does not work
#location ~* /file/upload {
# client_max_body_size 100M;
#}
proxy_pass http://localhost:90;
}
}
I am trying to override the max body size for file upload endpoint. See that there is 1 proxy_pass for location /file/upload and another proxy_pass for location / pointing to the same internal service.
Question 1. If I remove the proxy_pass from the location /file/upload then error is returned by the server. (no status code in chrome debugger). Why is this happening? Shouldn't request be propagated further to location /?
Question 2. Why is it not possible to define the sublocation with body size override inside the / location as in commented section in example above? If I set it like this, then 413 error code is returned, which hints that the client_max_body_size rule is ignored..
Question 3. Finally, is it possible to tell nginx, after the request hits the /file/upload location - to apply all the rules from the / section? I guess one solution to this problem would be to move the common configuration into separate file and then import it in both sections.. I was thinking if there is any solution that does not require creating new files?
Here is the reusable config I am talking about basically:
location / {
#.s. kill cache. use in dev
sendfile off;
# kill cache
add_header Last-Modified $date_gmt;
add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
if_modified_since off;
expires off;
etag off;
# don't cache it
proxy_no_cache 1;
# even if cached, don't try to use it
proxy_cache_bypass 1;
proxy_pass http://localhost:90;
client_max_body_size 100M;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
This is not the final version. If I had to copy this piece of code to 2 sections this would not be very friendly approach. So, it would be nice to hear some nginx lifehacks on how accomplish what I try to accomplish in a most friendly way and get some explanations for observed behavior.
Answer 1
If I remove the proxy_pass from the location /file/upload then error is returned by the server. (no status code in chrome debugger). Why is this happening?
Every location have a so-called content handler. If you don't specify content handler explicitly via proxy_pass (fastcgi_pass, uwsgi_pass, etc.) directive, nginx will try to serve the request locally.
Shouldn't request be propagated further to location /?
Of course not. What makes you think it should?
Answer 2
Why is it not possible to define the sublocation with body size override inside the / location as in commented section in example above? If I set it like this, then 413 error code is returned, which hints that the client_max_body_size rule is ignored..
I'd rather expect you'll get the same error as in the first case since your nested location does not have an explicitly specified content handler via the proxy_pass directive. However the following config is worth to try:
location / {
# all the common configuration
location /file/upload {
client_max_body_size 100M;
proxy_pass http://localhost:90;
}
proxy_pass http://localhost:90;
}
Answer 3
Finally, is it possible to tell nginx, after the request hits the /file/upload location - to apply all the rules from the / section?
No, unless you use a separate file via include directive in both locations. However you can try to move all the upstream related setup directives one level up to the server context:
server {
...
# all the common configuration
location / {
proxy_pass http://localhost:90;
}
location /file/upload {
client_max_body_size 100M;
proxy_pass http://localhost:90;
}
}
Note that some directives (e.g. add_header, proxy_set_header) are inherited from the previous configuration level if and only if there are no those directives defined on the current level.
Very often dynamic settings for different locations can be achieved using the map block in a following way:
map $uri $max_body_size {
~^/file/upload 100M;
default 50k;
}
server {
location / {
...
client_max_body_size $max_body_size;
...
}
}
Unfortunally not every nginx directive accepts variable as its argument. Usually when nginx documentation doesn't explicitly states that some directive can accept variables, it means it cannot, and the client_max_body_size is exactly that kind of directive, so the above configuration won't work.

NGINX - using sub_filter to change a path in a proxy pass location block

So I have an NGNIX server that receives traffic from the same location (Akamai) and based on the path of the incoming URL I send the traffic to different applications.
I have added a new origin to Akamai and this now means that some incoming requests now have a new path. The problem is that my application needs the path to be a certain value.
As I am sharing the Akamai slot with other origins I can't send the request with the same path to two different origins as the slot gets confused as to which origin server to direct the traffic at.
So what I would like to do is change the path before passing it to the application.
I am not sure on the best way to do this and need some assistance.
Should I use rewrite, redirect or sub_filter?
I have actually tried all three but I am missing something in this very simple task.
location /incoming_path {
max_ranges 0;
proxy_set_header Accept-Encoding "";
proxy_pass https://\$upstream_application:9002;
proxy_ssl_server_name on;
proxy_ssl_certificate /etc/nginx/conf.d/server_cert.pem;
proxy_ssl_certificate_key /etc/nginx/conf.d/server_key.pem;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$proxy_protocol_addr;
sub_filter_types *;
sub_filter "https://\$proxy_host/incoming_path" "https://\$host/new_path"
sub_filter_once on;
}
Really would appreciate any ideas/thoughts on how to achieve this, thanks in advance.
This looks to have worked:
location /incoming_path {
max_ranges 0;
rewrite /incoming_path/(.*) /new_path/$1 break;
proxy_pass https://\$upstream_application:9002;
proxy_ssl_server_name on;
proxy_ssl_certificate /etc/nginx/conf.d/server_cert.pem;
proxy_ssl_certificate_key /etc/nginx/conf.d/server_key.pem;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$proxy_protocol_addr;
}

nginx - adding custom header to upstream

I am trying to use nginx to set some additional custom request headers to upstream. But it is not working (no headers are set). Any help would be appreciated.
location /someUrl {
proxy_pass_request_headers on;
proxy_set_header Test ABCDE;
proxy_pass http://example.com;
}
Try reversing the order the sets like :
location /someUrl {
proxy_pass http://example.com;
proxy_set_header Test ABCDE;
proxy_pass_request_headers on;
}
I have seen this fix before but can not explain it has the documentation doesn't say anything.

nginx proxy config not forwarding requests to backend server

Below is the relevant section of my nginx.conf file.
I only see the js|css... requests forward to my backend server when i remove the initial location block in the conf file. What im trying to accomplish is to turn off nginx access logging for files of those extensions.
Anybody know a working nginx config technique to allow me to turn off the access logs yet still forward these requests to the proxy location?
...
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
access_log off;
}
location / {
if ($ignore_ua) {
access_log off;
return 200;
}
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:7777/;
}
nginx chooses a location block to process a request. In the case of .js files, your location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ block is used. None of the directives within the location / block are involved. See this document for details.
If you need conditional logging, you could use the if= parameter to the access_log directive instead of a separate location block. See this document for an example.
In your case, it might look like this:
map $request_uri $loggable {
default 1;
\.(js|css|png|jpg|jpeg|gif|ico)(\?|$) 0;
}
access_log /path/to/access.log combined if=$loggable;
Note that the map directive goes in the http block.

Resources