supervisord web interface doesn't allow external connections - nginx

this is my supervisord web config, with no password
[inet_http_server]
port=127.0.0.1:9001
;username=user
;password=1234
and this is my nginx config for it
location /supervisor/ {
    proxy_pass http://127.0.0.1:9001;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Real-IP $remote_addr;
    add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
}
If I access 127.0.0.1:9001 directly from within my server I get the info I need:
root@gosthost:~# curl 127.0.0.1:9001
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Supervisor Status</title>
<link href="stylesheets/supervisor.css" rel="stylesheet" type="text/css" />
<link href="images/icon.png" rel="icon" type="image/png" />
</head>
<body>
<div id="wrapper">
... bla bla bla
</div>
<div class="clr" id="footer">
<div class="left">
Supervisor <span>3.1.3</span>
</div>
<div class="right">
© 2006-<span>2015</span> <strong>Agendaless Consulting and Contributors</strong>
</div>
</div>
</body>
but if I try to access it from the outside world it gives me 404:
root@gosthost:~# curl http://46.101.172.89/supervisor/
<head>
<title>Error response</title>
</head>
<body>
<h1>Error response</h1>
<p>Error code 404.
<p>Message: Not Found.
</body>
But that's not nginx's native response. I can see that because nginx signs its own error responses, see below. This is a typical nginx response:
curl http://46.101.172.89/media/
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.6.2</center>
</body>
</html>
so there is something wrong with supervisor. What could that be?

A little bit late, but I had the same problem, was trying everything, and found the solution:
proxy_pass http://127.0.0.1:9001/;
you missed / :)
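
A simplified model of how nginx picks the upstream URI for a plain prefix location, added here as an illustration (it is not code from the thread or from nginx). It shows why the original config handed `/supervisor/` to supervisord, which answered with its own 404. The function name `upstream_uri` and the sample requests are constructed; regex locations, `rewrite` and variables in `proxy_pass` are not modelled.

```python
from urllib.parse import urlsplit


def upstream_uri(location_prefix: str, proxy_pass: str, request_uri: str) -> str:
    """Return the URI nginx sends upstream for a plain prefix location.

    Simplified model (assumption): no regex location, no rewrite, no
    variables in proxy_pass, and request_uri is already normalized.
    """
    path, sep, query = request_uri.partition("?")
    if not path.startswith(location_prefix):
        raise ValueError("request does not match this location")
    target = urlsplit(proxy_pass).path
    if target == "":
        # proxy_pass without a URI part: the request URI is passed unchanged.
        mapped = path
    else:
        # proxy_pass with a URI part (even just "/"): the matched prefix is
        # replaced by that URI.
        mapped = target + path[len(location_prefix):]
    return mapped + sep + query


# Constructed sample requests against the two configs from the thread.
CASES = [
    ("/supervisor/", "http://127.0.0.1:9001", "/supervisor/"),
    ("/supervisor/", "http://127.0.0.1:9001/", "/supervisor/"),
    ("/supervisor/", "http://127.0.0.1:9001/", "/supervisor/stylesheets/supervisor.css"),
    ("/supervisor/", "http://127.0.0.1:9001/", "/supervisor/index.html?q=1"),
    # Mismatched slashes: prefix without "/" but target with "/" doubles it.
    ("/supervisor", "http://127.0.0.1:9001/", "/supervisor/index.html"),
]

if __name__ == "__main__":
    for loc, target, uri in CASES:
        print(f"location {loc:<13} proxy_pass {target:<23} {uri} -> "
              f"{upstream_uri(loc, target, uri)}")
```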

Related

Return is not working as redirector, and proxy_pass fails on relative path

I need classic "URL redirect" and, supposing that location return is valid, I used:
location ~ ^/?[RrWwNn]?[0-9]+$ {
    rewrite ^/?[Rr]?([0-9]+)$ /relation/$1 break;
    rewrite ^/?[Ww]?([0-9]+)$ /way/$1 break;
    rewrite ^/?[Nn]?([0-9]+)$ /node/$1 break;
    # proxy_pass https://www.openstreetmap.org;
    return 301 https://www.openstreetmap.org;
}
But it returns 404 Not Found.
Note about commented proxy_pass
It is not a URL or a rewrite problem, because proxy_pass is working as expected. The problem on preserving my domain is the relative path on OpenStreetMap's HTML (src and href attributes), that demands files that do not exist on my domain. Example:
<!DOCTYPE html>
<html lang="en" dir="ltr">
...
<script src="/assets/application-2b1976907d32c6d0274def6df7df5970c274bc239f2cbd39ab43bd94cb828407.js"></script>
...
<link rel="stylesheet" href="/assets/screen-ltr-dccece0ade0dcdf51378c9d06264575b38c6bb23351144314efde0956d6883cf.css" media="screen" />
...

CSP Cross-Origin request blocked errors for Youtube embed videos

I do get the following errors and warnings on the Firefox console logs, but nothing displays on the Chrome console logs.
errors such as,
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://googleads.g.doubleclick.net/pagead/id. (Reason: CORS request did not succeed). Status code: (null).
warnings such as,
Some cookies are misusing the recommended “SameSite“ attribute
The resource at “<URL>” was blocked because content blocking is enabled.
The following is a similar sample of the static HTML code and Nginx config file.
HTML,
<!DOCTYPE html>
<html lang="ja">
<head>
<title>title</title>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width" />
<meta http-equiv="Content-Security-Policy" content="frame-src youtube.com www.youtube.com">
<link rel="stylesheet" href="styles.css" type="text/css" />
<script
src="https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js"
type="text/javascript"></script>
<script type="text/javascript">
WebFont.load({
google: {
families: ['Noto Sans JP:100,300,regular,500,700,900:japanese,latin'],
},
});
</script>
</head>
<body class="body">
<div class="video">
<div class="yt-video">
<iframe src="https://www.youtube.com/embed/tgbNymZ7vqY" title="test" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
</div>
</div>
</body>
</html>
nginx headers & security policy headers in the server block as follows,
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com *.googleapis.com; frame-src 'self' *.youtube.com; object-src 'self'";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
I would like to know how to get rid of these errors if possible, or should I just ignore them? Any kind of advice would be helpful.
Thank you.

Nginx SSI - respecting links (with scripts and styles) included by html pointed by proxy-pass

I am a total Nginx newbie and I am doing my best to compose a UI. Let me give you my short nginx config file:
upstream wizard {
    server wizard:80;
}
server {
    listen 80;
    server_name localhost;
    ssi on;
    location / {
        root /usr/share/nginx/html;
        index index.html index.htm;
        try_files $uri /index.html;
    }
    location /wizard {
        proxy_pass http://wizard;
    }
}
and the "master" html with SSI command:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Portal</title>
</head>
<body>
<h1>Portal</h1>
<!--#include virtual="/wizard" -->
</body>
</html>
and the index.html from the location pointed by the proxy;
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>My web</title>
<h2>IPA</h2>
<script type="module" crossorigin src="/assets/index.41982ecd.js"></script>
<link rel="modulepreload" href="/assets/vendor.d39310c0.js">
<link rel="stylesheet" href="/assets/index.f1b61ee0.css">
</head>
<body>
<div id="app"></div>
</body>
</html>
Now these lines from the last html are problematic:
src="/assets/index.41982ecd.js"
href="/assets/vendor.d39310c0.js"
href="/assets/index.f1b61ee0.css"
Because I get 404 not found. The problem is obvious: nginx fetches the html, does SSI and then the browser tries to load the script and css, which are not there (they are in the site pointed to by the proxy). I can solve this by adding the next location in the nginx config:
location /assets {
    proxy_pass http://wizard;
}
But is there another way? I can imagine I will have more web pages with asset folders. I can do the renames but yeah... I am looking for other options to solve this.

Unable to display value which is returned from Spring controller

I'm trying to display like ${mesg}, it's not displaying the content, which is coming from the Spring controller. I have tried many ways, but no luck.
<html>
<head> <meta charset="ISO-8859-1">
<title>HOME</title>
</head>
<body>
<div align="center"> ${mesg} </div>
</body>
</html>
@RequestMapping(value="/savefile",method=RequestMethod.POST)
public String getStatus(@PathParam("pwd") String Pwd,ModelMap map){
    System.out.println(":::pwd::"+Pwd);
    map.addAttribute("mesg", "Welcome to mBOK");
    return "Success";
}

Trying to ignore unused layout fragment in Thymeleaf Layout Dialect

Does anyone know if it's possible to hide a layout:fragment if it is not specified in the calling page?
For example, I have a page layout.html that has something like (where there is a separate fragment.html file with header and footer fragments):
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
th:lang = "en">
<head>
<title layout:title-pattern="$CONTENT_TITLE">TITLE</title>
</head>
<body>
<header layout:replace="fragment :: header">HEADER</header>
<section layout:fragment="messages">MESSAGES</section>
<section layout:fragment="content">CONTENT</section>
<footer layout:replace="fragment :: footer">FOOTER</footer>
</body>
</html>
If in a calling page to the layout that I don't want to include the "messages" fragment, is there a way to do it by just not including that code? For example (say, simple.html):
<html layout:decorator="layout">
<head>
<title th:text=#{PAGETITLE_SIMPLE}>SIMPLE PAGE TITLE</title>
</head>
<body>
<section layout:fragment="content">
<p>Put in some random content for the body of the simple page</p>
</section>
</body>
This will still put into the rendered HTML the text "MESSAGES" inside a <section>-tag.
I have been able to put into this simple.html
<section layout:fragment="messages" th:remove="all"></section>
But this seems somewhat sloppy and was wondering if there was a way to hide that from the users of the layout by putting the logic in the layout to ignore that fragment altogether.
Using Spring 4.1.6, Thymeleaf 2.1.4, and Layout Dialect 1.3.3.
Thanks

I was able to resolve this by applying the methods posted by Serge Ballesta in How to check Thymeleaf fragment is defined to the layout dialect.
This is what the rewritten layout.html looks like:
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
th:lang = "en">
<head>
<title layout:title-pattern="$CONTENT_TITLE">TITLE</title>
</head>
<body>
<header layout:replace="fragment :: header">HEADER</header>
<section layout:replace="this :: messages">MESSAGES</section>
<section layout:fragment="content">CONTENT</section>
<footer layout:replace="fragment :: footer">FOOTER</footer>
</body>
</html>
This way, if the calling page (simple.html) only has the <section> for content, no HTML will be rendered for the section for messages. But if the page did have the following, it will be included as intended:
<section layout:fragment="messages">
<p>Message 1</p>
<p>Message 2</p>
</section>
