
docker - Handling in a reverse proxy configuration, status code 419 is replaced with 500 - Stack Overflow


Local Development Environment.

I have slightly touched the template file with which the nginx configurations are generated; the result is the following:

# from nginxproxy/nginx-proxy
# uknp.dock/
upstream uknp.dock {
    # Container: WSDD-Web-Server-PHP8.3
    #     networks:
    #         wsdd-network (reachable)
    #     IP address: 172.18.0.2
    #     exposed ports (first ten): 10000/tcp 80/tcp
    #     default port: 80
    #     using port: 80
    server 172.18.0.2:80;
}
server {
    server_name uknp.dock;
    access_log /var/log/nginx/access.log vhost;
    http2 on;
    listen 80 ;
    location /.well-known/acme-challenge/ {
        proxy_intercept_errors off;
        fastcgi_intercept_errors off;
        auth_basic off;
        allow all;
        root /usr/share/nginx/html;
        try_files $uri =404;
        break;
    }
    listen 443 ssl ;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:50m;
    ssl_session_tickets off;
    ssl_certificate /etc/nginx/certs/uknp.dock.crt;
    ssl_certificate_key /etc/nginx/certs/uknp.dock.key;
    location / {
        proxy_intercept_errors off;
        fastcgi_intercept_errors off; 
        proxy_pass ;
        set $upstream_keepalive false;
        # Add these headers to keep the original status codes
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        # Ensure that HTTP status codes are not modified
        proxy_ignore_headers Set-Cookie;
        proxy_pass_request_headers on;
    }
    # custom 419 error
    error_page 419 = /custom_419.html;
    location = /custom_419.html {
        internal;
        add_header Content-Type text/html;
        return 419 "Session expired or CSRF token invalid.";
    }
}

This is supposedly my reverse proxy configuration pointing to an Apache container (which was working fine until I had to implement a 419 status code for CSRF).

Regardless of my Nginx configuration, it keeps converting/overwriting the 419 error to a 500...

<?php
// Set headers to avoid caching
header('Cache-Control: no-cache, no-store, must-revalidate');
header('Pragma: no-cache');
header('Expires: 0');

// Set custom header for CSRF
header('X-CSRF-TOKEN: expired_token_12345');

// Set status code 419 (CSRF Token Expired)
http_response_code(419);

// Response content in JSON format
header('Content-Type: application/json');

echo json_encode([
    'error' => true,
    'message' => 'CSRF token has expired',
    'code' => 419,
    'status' => 'CSRF_TOKEN_EXPIRED'
]);

Note: I have already restarted the services/containers. I have already verified that everything in the backend works well as expected... at least the reverse proxy seems to do whatever it wants...
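One way to check which hop turns the 419 into a 500 is to request the same path from each hop and compare the status each one returns. This is an added example, not part of the original post; `fetch_status`, `first_rewriting_hop` and `start_stub` are hypothetical helper names, and the two local stub servers are constructed stand-ins for the Apache container and the proxy.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer


def fetch_status(addr, port, path="/", host_header=None, timeout=5):
    """Return (status, reason, Server header) as answered by addr:port."""
    conn = http.client.HTTPConnection(addr, port, timeout=timeout)
    try:
        headers = {"Host": host_header} if host_header else {}
        conn.request("GET", path, headers=headers)
        resp = conn.getresponse()
        resp.read()
        return resp.status, resp.reason, resp.getheader("Server", "")
    finally:
        conn.close()


def first_rewriting_hop(hops, expected, path="/", host_header=None):
    """hops: (name, addr, port) tuples ordered backend -> edge.
    Return the first hop whose status differs from `expected`, else None."""
    for name, addr, port in hops:
        if fetch_status(addr, port, path, host_header)[0] != expected:
            return name
    return None


def start_stub(status, reason):
    """Constructed stand-in: local server that always answers `status`."""
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            self.send_response(status, reason)
            self.send_header("Content-Length", "0")
            self.end_headers()

        def log_message(self, *args):  # keep the demo output quiet
            pass

    server = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


if __name__ == "__main__":
    # Constructed demo; against the setup in the question the hops would be
    # ("apache", "172.18.0.2", 80) and the nginx-proxy listener on port 80.
    backend = start_stub(419, "CSRF Token Expired")
    edge = start_stub(500, "Internal Server Error")
    hops = [("backend", "127.0.0.1", backend.server_port),
            ("proxy", "127.0.0.1", edge.server_port)]
    print(first_rewriting_hop(hops, 419, host_header="uknp.dock"))
```

The `Server` header returned by `fetch_status` shows which software produced a given response, which helps when the first hop already answers with the unexpected status.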
