Im currently developing an api with laravel 8, Nginx as web server.
but the request is getting blocked on server side.
here is my unity code
public IEnumerator MasterJsonDownload()
{
request = UnityWebRequest.Get("http://localhost:8000/GetMaster");
request.SetRequestHeader("Access-Control-Allow-Origin", "*");
request.SetRequestHeader("Method", "GET");
yield return request.SendWebRequest();
if (request.result == UnityWebRequest.Result.Success)
{
JsonLoad(request.downloadHandler.text);
_isFinished = true;
}
else
{
Debug.LogError(request.error);
}
}
here is Nginx conf setting
access_log /dev/stdout main;
error_log /dev/stderr warn;
server {
listen 80;
root /var/www/kinoko_server/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
# set client body size to 1024M #
client_max_body_size 1024M;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
if ($request_method = 'GET') {
add_header Access-Control-Allow-Origin '*';
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
add_header Content-Type text/plain;
add_header Content-Length 0;
return 204;
}
add_header Access-Control-Allow-Origin '*';
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
on laravel side, I added fruitcake by composer and made sure to add it to the 1st line of Kernel.php $middleware array
cros.php is present and only changed this value
'exposed_headers' => ['*'],
then I include the header with my response
return $json_data
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Headers', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');;
the response is working on browser, but it is getting blocked if I made it from unity.
I`m still learning and I might have forgotten a step.
by the way, I`m using docker to build up my environment.
link
Related
I am new to nginx, I have just installed it two days ago, was searching for the correct configuration but still having issue with css js not loaded,
already checked permissions and deploy files correctly
this is the content of my nginx.conf
please help with the correct config
CentOs 9, PHP 7.3, Magento 2.4
server {
listen 80;
server_name www.mydomain.com;
set $MAGE_ROOT /usr/share/nginx/html/domainuser;
include /usr/share/nginx/html/domainuser/nginx.conf.sample;
}
root $MAGE_ROOT/pub;
index index.php;
autoindex off;
charset UTF-8;
error_page 404 403 = /errors/404.php;
#add_header "X-UA-Compatible" "IE=Edge";
# Deny access to sensitive files
location /.user.ini {
deny all;
}
# PHP entry point for setup application
location ~* ^/setup($|/) {
root $MAGE_ROOT;
location ~ ^/setup/index.php {
fastcgi_pass fastcgi_backend;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=600";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/setup/(?!pub/). {
deny all;
}
location ~ ^/setup/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
# PHP entry point for update application
location ~* ^/update($|/) {
root $MAGE_ROOT;
location ~ ^/update/index.php {
fastcgi_split_path_info ^(/update/index.php)(/.+)$;
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
# Deny everything but index.php
location ~ ^/update/(?!pub/). {
deny all;
}
location ~ ^/update/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location /pub/ {
location ~ ^/pub/media/(downloadable|customer|import|custom_options|theme_customization/.*\.xml) {
deny all;
}
alias $MAGE_ROOT/pub/;
add_header X-Frame-Options "SAMEORIGIN";
}
location /static/ {
# Uncomment the following line in production mode
# expires max;
# Remove signature of the static files that is used to overcome the browser cache
location ~ ^/static/version {
rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2|html|json)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/ {
try_files $uri $uri/ /get.php$is_args$args;
location ~ ^/media/theme_customization/.*\.xml {
deny all;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
try_files $uri $uri/ /get.php$is_args$args;
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
try_files $uri $uri/ /get.php$is_args$args;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/customer/ {
deny all;
}
location /media/downloadable/ {
deny all;
}
location /media/import/ {
deny all;
}
location /media/custom_options/ {
deny all;
}
location /errors/ {
location ~* \.xml$ {
deny all;
}
}
# PHP entry point for main application
location ~ ^/(index|get|static|errors/report|errors/404|errors/503|health_check)\.php$ {
try_files $uri =404;
fastcgi_pass fastcgi_backend;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=18000";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss
image/svg+xml;
gzip_vary on;
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.phtml$|\.htaccess$|\.git) {
deny all;
}
This is what my current server block looks like:
server {
listen 80;
server_name www.domain.com domain.com;
return 301 https://www.domain.com$request_uri;
access_log /var/log/nginx/domain.com.access;
error_log /var/log/nginx/domain.com.error error;
}
## BETA
server {
listen 443 ssl http2;
keepalive_timeout 300;
This works perfectly in redirecting non https www and non https non www to https://www.domain.com
Unfortunately https non www was not being redirected so I altered to this:
server {
listen 80;
server_name www.domain.com domain.com;
return 301 https://www.domain.com$request_uri;
access_log /var/log/nginx/domain.com.access;
error_log /var/log/nginx/domain.com.error error;
}
## BETA
server {
listen 443 ssl http2;
server_name domain.com;
return 301 https://www.domain.com$request_uri;
keepalive_timeout 300;
Unfortunately this only managed to crash the server.
Any input on what I'm doing wrong would be greatly appreciated.
As requested here is my conf file. nginx -t returns a success
server {
listen 80;
server_name www.example.com example.com;
return 301 https://www.example.com$request_uri;
access_log /var/log/nginx/example.com.access;
error_log /var/log/nginx/example.com.error error;
}
## BETA
server {
listen 443 ssl http2;
keepalive_timeout 300;
charset utf-8;
add_header Strict-Transport-Security 'max-age=63072000; includeSubDomains; preload';
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
ssl_certificate /etc/ssl/certs/wc.example.com.pem;
ssl_certificate_key /etc/ssl/certs/wc.example.com.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 30m;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
server_name www.example.com;
# SSL buffer size was added in 1.5.9
ssl_buffer_size 1400; # 1400 bytes to fit in one MTU
access_log /var/log/nginx/dev.example.com.access;
error_log /var/log/nginx/dev.example.com.error error;
root /srv/storage/pxpubl29/www.example.com/htdocs/;
index index.php index.html index.htm;
location / {
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ ^/pages {
try_files $uri /index.php$is_args$args;
rewrite ^/pages/free_chat.php$ /pages/free-chat.php permanent;
}
location ~ ^/upl {
client_max_body_size 400M;
client_body_buffer_size 1024k;
# For CORS
if ($request_method = OPTIONS) {
add_header Pragma no-cache;
add_header X-Content-Type-Options nosniff;
# Access control for CORS
add_header Access-Control-Allow-Origin "https://www.example.com";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "cache-control, content-range, accept, origin, session-id, content-disposition, x-requested-with, content-type, content-description, referer, user-agent";
add_header Access-Control-Allow-Credentials "true";
# 10 minute pre-flight approval
add_header Access-Control-Max-Age 600;
return 204;
}
if ($request_method = POST) {
add_header Pragma no-cache;
add_header X-Content-Type-Options nosniff;
#add_header Cache-control "no-story, no-cache, must-revalidate";
# Access control for CORS
add_header Access-Control-Allow-Origin "https://www.example.com";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "cache-control, content-range, accept, origin, session-id, content-disposition, x-requested-with, content-type, content-description, referer, user-agent";
add_header Access-Control-Allow-Credentials "true";
# 10 minute pre-flight approval
add_header Access-Control-Max-Age 600;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_VALUE "session.name=space_sid
session.cookie_domain=.example.com
upload_max_filesize=400M
post_max_size=400M";
include fastcgi_params;
fastcgi_index index.php;
}
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_VALUE "session.name=space_sid
session.cookie_domain=.example.com
upload_max_filesize=400M
post_max_size=400M";
include fastcgi_params;
fastcgi_index index.php;
}
location /samples {
return 301 /;
}
location ~ ^/large {
try_files $uri $uri/ /large/index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_index index.php;
}
}
location /avc {
rewrite ^/avc/users_(.+)$ /avc/users_php.php break;
rewrite ^/avc/undefined$ /avc/integration_xml.php break;
rewrite ^/avc/avc_settings.xml$ /avc/integration_xml.php break;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_index index.php;
}
location = /avc/avc_settings.xml {
rewrite ^(.*)$ /avc/integration_xml.php break;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_index index.php;
}
location /upl/server/php/files {
location ~ \.php$ {return 403;}
}
location ~ .*/\.git {
deny all;
}
# Force the latest IE version
add_header "X-UA-Compatible" "IE=Edge";
# This tells Nginx to cache open file handles, "not found" errors, metadata about files and their permissions, etc.
open_file_cache max=1000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
#location ~* \.(js|css|png|jpg|jpeg|gif|ico|ttf|svg)$ {
# expires 14d;
# add_header Pragma "public";
# add_header Cache-Control "public, must-revalidate, proxy-revalidate";
#}
# The X-Frame-Options header indicates whether a browser should be allowed
# to render a page within a frame or iframe.
add_header X-Frame-Options SAMEORIGIN;
# MIME type sniffing security protection
# There are very few edge cases where you wouldn't want this enabled.
add_header X-Content-Type-Options nosniff;
# The X-XSS-Protection header is used by Internet Explorer version 8+
# The header instructs IE to enable its inbuilt anti-cross-site scripting filter.
add_header X-XSS-Protection "1; mode=block";
# cache.appcache, your document html and data
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
expires -1;
}
# Feed
location ~* \.(?:rss|atom)$ {
expires 1h;
add_header Cache-Control "public";
}
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|swf|mp3)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
# WebFonts
# If you are NOT using cross-domain-fonts.conf, uncomment the following directive
location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# ERROR Pages
error_page 404 /error/404/;
error_page 403 /error/403/;
error_page 401 /error/401/;
# ACL
# deny all;
}
I have a weird 301 redirection issue. My server is set up to handle multiple domains pointing to the server, i.e.
The main domain: https://maindomain.com
An N number of custom domains: http://somecustomdomain.com, http://anothercustomdomain.com, etc.
However there is a strange 301 issue when visiting a custom domain and including www., like: http://www.somecustomdomain.com. On the maindomain this works fine:
When visiting https://www.maindomain.com/some-uri it will redirect to: https://maindomain.com/some-uri
However, when visiting a custom domain it redirects from: http://www.somecustomdomain.com/some-uri to https://maindomain.com/some-uri (!!). You would expect it to redirect to: http://somecustomdomain.com/some-uri
I have tried debugging this issue (ensured that my browser does not cache the 301 redirects) and I have not been able to resolve the issue. I have three nginxs confiugrations inside my sites-available directory. They are listed here:
maindomain.com
catch-all (I have tried removing this file, so only maindomain.com exists, but problem still occours)
www.maindomain.com (I have tried removing this file, so only maindomain.com exists, but problem still occours)
maindomain.com contents
server {
listen 80;
server_name maindomain.com;
return 301 https://maindomain.com$request_uri;
}
server {
listen 443 ssl;
server_name maindomain.com;
root /home/forge/maindomain.com/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/maindomain.com/30126/server.crt;
ssl_certificate_key /etc/nginx/ssl/maindomain.com/30126/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/maindomain.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
catch-all contents
server {
listen 80;
server_name ~^(.+)$;
root /home/forge/maindomain.com/public;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/maindomain.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
www.maindomain.com contents
server {
listen 80;
server_name www.maindomain.com;
return 301 $scheme://maindomain.com$request_uri;
}
If i CURL into http://www.somecustomdomain.com/some-uri this is the content I receive:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<meta http-equiv="refresh" content="1;url=https://maindomain.com/some-uri" />
<title>Redirecting to https://maindomain.com/some-uri</title>
</head>
<body>
Redirecting to https://maindomain.com/some-uri.
</body>
</html>%
You need an extra server configuration for www domains:
server {
server_name ~^(www\.)?(?<domain>.+)$;
location / {
return 301 $scheme://$domain/$uri;
}
}
I'm a bit stuck. I'm setting up a new installation of JTL-Shop3 on Nginx. But whenever I call https://www.domain.tld/ it becomes http://www.domain.tld/ and the other way around and ends up showing an error because the webpage is redirecting in a loop.
Here is my nginx config for Non-SSL
# redirect non www to www
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name trendboxx.eu www.trendboxx.eu;
return 301 https://www.trendboxx.eu$request_uri;
}
And here the config for the SSL vhost
server {
listen 443 ssl;
ssl on;
ssl_certificate /srv/www/trendboxx.eu/certificates/www.trendboxx.eu.crt;
ssl_certificate_key /srv/www/trendboxx.eu/certificates/www.trendboxx.eu.key;
server_name www.trendboxx.eu;
access_log /srv/www/trendboxx.eu/logfiles/nginx.access.log;
error_log /srv/www/trendboxx.eu/logfiles/nginx.error.log;
root /srv/www/trendboxx.eu/public_html;
index index.php;
location / {
# try file => folder => JTL-Shop3 Search
try_files $uri $uri/ /index.php?q=$uri$args;
}
# error pages
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# JTL-Shop3 expires for static files
location ~* \.(eot|ttf|woff|css|less)$ {
expires max;
add_header Access-Control-Allow-Origin *;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
log_not_found off;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
log_not_found off;
}
# PHP handler
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_read_timeout 180;
proxy_read_timeout 180;
}
# deny access to hidden files
location ~ /\. {
deny all;
}
}
I am gratefull for every hint on how to solve this problem.
I am trying to convert my apache redirection directives to nginx one, for now I have the following directive:
server {
listen 80;
index index.php index.html;
server_name myvisit_head;
root /var/www/mv/head/myvisit/;
access_log /var/log/nginx/myvisit-access.log;
error_log /var/log/nginx/myvisit-error.log;
# Use gzip compression
# gzip_static on; # Uncomment if you compiled Nginx using --with-http_gzip_static_module
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 5;
gzip_buffers 16 8k;
gzip_http_version 1.0;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/$
# error pages
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www;
}
# Deny access to hidden files
location ~* /\.ht {
deny all;
access_log off;
log_not_found off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* /myvisitv3 {
rewrite /(myvisitv3|myvisitV3|myVisitv3|myVisitV3)([-_])(.*).(html|php)$ /myvisitv3.php?libAdresse=$3 break;
}
# Pass PHP scripts on to PHP-FPM
include global/php-fpm.conf;
location ~* \.php$ {
try_files $uri /index.php;
fastcgi_index index.php;
fastcgi_pass php5-fpm-sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/profile/external/header.php \n
auto_append_file=/var/www/profile/external/footer.php";
include /etc/nginx/fastcgi_params;
}
}
but when I try to access the url I get a 404 not found error.
I have tried both with location, request_uri directive but the result is the same
here's my apache rules:
RewriteEngine on
RewriteRule ^(myvisitv3|myvisitV3|myVisitv3|myVisitV3)([-_])(.*).(html|php)$ myvisitv3.php?libAdresse=$3 [L,QSA]
RewriteRule ^(openVisit|openvisit).(html|php)$ openvisitv3.php [L,QSA]
RewriteRule ^(favicon).(ico|png|bmp|jpg)$ web/img/favicon.ico [L,QSA]
These rules use case insensitive matching to spare us the hassle of handling those so many cases.
location ~* /myvisitv3[-_](.*)\.(?:html|php) {
try_files $uri $uri/ /myvisitv3.php?libAdresse=$1;
}
location ~* /openvisit\.(?:html|php)$ {
try_files $uri $uri/ /openvisitv3.php;
}
location ~* /favicon\.(?:ico|png|bmp|jpg)$ {
try_files $uri $uri/ /web/img/favicon.ico;
}