当前位置: 首页 > 知识库问答 >
问题:

Ngnix Jsession更改重定向问题

葛成济
2023-03-14

有一个设置,比如在www.xyz.com上运行一个应用程序,并且有一个报告使rest访问托管在www.abc.com上的应用程序。

由于IE8上CORS的奇怪问题,我们在www.xyz.com上进行rest访问,但实际上服务是在www.abc.com上托管的,所以在ngnix级别上,我们将rest请求从www.xyz.com重定向到www.abc.com。


    server {
            listen 80;
            server_name www.xyz.com;
            charset utf-8;
            rewrite     ^(.*)   https://$server_name$1 permanent;
    }

    server {
            listen 443;
            ssl on;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            ssl_certificate /etc/nginx/ssl.crt/server.crt;
            ssl_certificate_key /etc/nginx/ssl.key/server.key;
            server_name www.xyz.com;
            error_log /var/log/nginx/error.log;
            charset utf-8;


            location / {
                    proxy_pass http://localhost:97;
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header Host $http_host;
                    client_max_body_size 10M;
            }

            location /api/rest/b2b/v1/report/filters/program-summary {
                proxy_pass   http://localhost:90/api/rest/b2b/v1/report/filters/program-summary;
                proxy_redirect off;
                proxy_pass_request_headers on;
                 proxy_set_header X-Real-IP $remote_addr;
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                 proxy_set_header Host $http_host;
                client_max_body_size 10M;
                proxy_set_header X-Forwarded-Proto https;
    'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }
           location /api/rest/b2b/v1/report/headers/grid/program-summary/DATAGRID {
                proxy_pass   http://localhost:90/api/rest/b2b/v1/report/headers/grid/program-summary/DATAGRID;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
               proxy_pass_request_headers on;
               proxy_set_header Host $http_host;
                client_max_body_size 10M;
                proxy_set_header X-Forwarded-Proto https;
    'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            location /api/rest/b2b/v1/report/headers/grid/program-summary/SALES_REP {
                proxy_pass    http://localhost:90/api/rest/b2b/v1/report/headers/grid/program-summary/SALES_REP;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
               proxy_pass_request_headers on;
               proxy_set_header Host $http_host;
                client_max_body_size 10M;
                proxy_set_header X-Forwarded-Proto https;
    'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }
            location /api/rest/b2b/v1/report/filters/variable/program-summary {
                proxy_pass     http://localhost:90/api/rest/b2b/v1/report/filters/variable/program-summary;
                proxy_redirect off;
                 proxy_set_header X-Real-IP $remote_addr;
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass_request_headers on;
                proxy_set_header Host $http_host;
                proxy_set_header X-Forwarded-Proto https;
    'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

            location /api/rest/b2b/v1/query/program-summary/barchart {
                proxy_pass  http://localhost:90/api/rest/b2b/v1/query/program-summary/barchart;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass_request_headers on;
                proxy_set_header Host $http_host;
                client_max_body_size 10M;
                proxy_set_header X-Forwarded-Proto https;
    'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }
             location /api/rest/b2b/v1/query/program-summary/datagrid {
                proxy_pass   http://localhost:90/api/rest/b2b/v1/query/program-summary/datagrid;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass_request_headers on;
                proxy_set_header Host $http_host;
                client_max_body_size 10M;
                proxy_set_header X-Forwarded-Proto https;
    'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }
             location /api/rest/b2b/v1/query/program-summary/status_pie {
                proxy_pass    http://localhost:90/api/rest/b2b/v1/query/program-summary/status_pie;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass_request_headers on;
                proxy_set_header Host $http_host;
                client_max_body_size 10M;
                proxy_set_header X-Forwarded-Proto https;
    'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }

             location /api/rest/b2b/v1/query/program-summary/summary {
                proxy_pass     http://localhost:90/api/rest/b2b/v1/query/program-summary/summary;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass_request_headers on;
                proxy_set_header Host $http_host;
                client_max_body_size 10M; 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }
            location /api/rest/b2b/v1/query/program-summary/sales_datagrid {
                proxy_pass    http://localhost:90/api/rest/b2b/v1/query/program-summary/sales_datagrid;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass_request_headers on;
                proxy_set_header Host $http_host;
                client_max_body_size 10M;
    'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,origin,authorization,accept,client-security-token';
            }
            location  /api/rest/b2b/v2/constants/CDN_URL {
                    proxy_pass    http://localhost:90/api/rest/b2b/v2/constants/CDN_URL;
                    proxy_redirect off;
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_pass_request_headers on;
                    proxy_set_header Host $http_host;
                    client_max_body_size 10M;
            }
            location ~ ^/templates/(.*)$ {
                    alias /webroot/reporting-dashboard/templates/$1;
            }

            location ~ ^/data/(.*)$ {
                    alias /webroot/reporting-dashboard/data/$1;
            }

            location ~ ^/styles/(.*)$ {
                    alias /webroot/reporting-dashboard/styles/$1;
            }

            location ~ ^/bower_components/(.*)$ {
                    alias /webroot/reporting-dashboard/bower_components/$1;
            }

            location /scripts/62219e5b.vendor.js {
                    alias /webroot/reporting-dashboard/scripts/62219e5b.vendor.js;
            }

            location /scripts/9ec589bc.plugins.js {
                    alias /webroot/reporting-dashboard/scripts/9ec589bc.plugins.js;
            }

            location /scripts/e13d4652.main.js {
                    alias /webroot/reporting-dashboard/scripts/e13d4652.main.js;
            }


            error_page   502 503 504  /vzb_50x.html;
                location = /vzb_50x.html {
                root   /tomcats/webapps/ROOT/static/errorFiles;
            }
    }

共有1个答案

袁骏祥
2023-03-14

在conf文件中添加proxy_hide_header set-cookie;解决了这个问题。这基本上从响应中删除了cookie。

https://serverfault.com/questions/641417/nginx-not-processing-proxy-hide-header-and-proxy-ignore-headers

 类似资料:
  • 我用的是回应。sendRedirect()用于在用户成功通过身份验证后将用户重定向到主页。这是为了避免“登录重定向漏洞”。 然而,由于上述变化,我的一个客户面临的问题是他的HTTPS请求被转换为HTTP(网址中有ip地址)。同样的原因在这里解释 http://geekexplains.blogspot.in/2008/06/https-becoming-http-in-case-of.html 现

  • 我在一个项目中使用Volley框架,我总是需要自己处理重定向以处理标头。 如何处理重定向现在取决于方法和传输层。我希望使用默认的截取(自动选择传输层),而不更改任何截取代码。 一个有效的解决方案是始终使用OkHttp作为传输层(如Volley的问题和贡献中所述),但我想知道是否有一种方法不需要额外的框架。 因此,我正在寻找一种“干净”的方法来禁用自动重定向处理。 编辑: 我更喜欢使用OkHttp,

  • 问题内容: 如何在不重定向页面的情况下更改URL地址? 例如,当我单击下面的链接时: 我将从链接中获取URL: 如果我在下面这样做,页面将被重定向: 我想做一个类似此站点的操作,当您单击图像时,ajax调用将获取请求的页面,并且窗口上的URL地址也将被更改,因此它具有用于单击的路径。 问题答案: 注意:现在受支持-请参阅其他答案。 您 不能 更改整个URL而无需重定向,您可以做的是更改 hash

  • 我正在使用JSF2和PrimeFaces。我如何编写selectOneMenu,当用户更改菜单中的选项时,调用JSF导航将用户重定向到同一个页面,但参数不同?我只需要换颜色。 来自网址: MyView。xhtml:(无工作) ManagedBean:

  • 问题内容: 我试图删除文件中除最后一行以外的所有行,但是以下命令不起作用,尽管file.txt不为空。 为什么会这样呢? 问题答案: 从文件通过管道重定向回到同一文件是不安全的;如果在开始读取第一阶段之前设置管道的最后阶段时被外壳覆盖,那么最终将得到空输出。 而是执行以下操作: …嗯,实际上,不要在生产代码中这样做;特别是如果您在对安全性敏感的环境中并以root用户身份运行,则以下更合适: 另一种

  • 我正在使用Codeigniter在用户注销我的网站后重定向页面http://www.theindianclassified.com. 当用户转到网址http://www.theindianclassified.com/logout他被重定向到主页后,他被注销出系统。但是如果用户登录并且再次单击注销用户不是注销而是他被重定向到主页。我认为使用Codeigniter方法的重定向是由浏览器缓存的。 请帮