Rails + Passenger + Nginx error Request Origin (domainname.com) does not match Request Base_url (IP Address) -


set up: rails 5.1.3, dreamhost vps passenger , nginx. vps, not have root access perform function require root permissions.

situation: currently, have redone previous rails app actioncable functionality. earlier configuration apache instead of nginx http server. works fine except websockets, , read quite few articles, confirming action cables + apache not work.

at point, switched nginx. nginx, first observation application tries 'get cable/' process , fails upgrade websocket. after reading through various discussions managed solve with:

location /cable {     proxy_pass http://127.0.0.1:8000/cable;     proxy_http_version 1.1; proxy_set_header host $http_host; proxy_set_header upgrade $http_upgrade; proxy_set_header connection "upgrade";  }

as not have root permission access usual dt/etc/nginx/.../***.conf file, dreamhost vps package, can add file @ /home/username/nginx/(appname.com)/(any-file-name.conf) , add on nginx "server block", per dreamhost documentation.

^^so above block of code alone in file called "redis.conf" in directory sorted action cables issue. starts streaming on channels fine.

the main issue, later realize, cannot perform of create, update, destroy actions - needs post or delete methods results in authenticity token error, saying "the request origin (http ://siik.io - this being app & domain name) did not match request.base_url (http ://127.0.0.1).

detail error:

i, [2017-09-11t03:27:28.623080 #7273]  info -- : [50a21156-0333-413e-94b  8-07b791c209fc] completed 200 ok in 83ms (views: 56.0ms | activerecord: 16.6ms) i, [2017-09-11t03:27:31.950732 #7273]  info -- : [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] started post "/conversations/1/messages" 106.208.156.243 @ 2017-09-11 03:27:31 -0700 i, [2017-09-11t03:27:31.953339 #7273]  info -- : [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] processing messagescontroller#create js i, [2017-09-11t03:27:31.953511 #7273]  info -- : [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d]   parameters: {"utf8"=>"✓", "message"=>{"user_id"=>"1", "body"=>"sdfgh"}, "commit"=>"send", "conversation_id"=>"1"} w, [2017-09-11t03:27:31.954325 #7273]  warn -- : [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] http origin header (http://www.siik.io) didn't match request.base_url (http://127.0.0.1:8000) i, [2017-09-11t03:27:31.954890 #7273]  info -- : [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] completed 422 unprocessable entity in 1ms (activerecord: 0.0ms) f, [2017-09-11t03:27:31.956888 #7273] fatal -- : [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d]    f, [2017-09-11t03:27:31.956969 #7273] fatal -- : [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actioncontroller::invalidauthenticitytoken (actioncontroller::invalidauthenticitytoken): f, [2017-09-11t03:27:31.957017 #7273] fatal -- : [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d]    f, [2017-09-11t03:27:31.957126 #7273] fatal -- : [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_controller/metal/request_forgery_protection.rb:195:in `handle_unverified_request' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_controller/metal/request_forgery_protection.rb:227:in `handle_unverified_request' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] devise (4.3.0) lib/devise/controllers/helpers.rb:253:in `handle_unverified_request' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_controller/metal/request_forgery_protection.rb:222:in `verify_authenticity_token' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/callbacks.rb:413:in `block in make_lambda' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/callbacks.rb:197:in `block (2 levels) in halting' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/abstract_controller/callbacks.rb:12:in `block (2 levels) in <module:callbacks>' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/callbacks.rb:198:in `block in halting' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/callbacks.rb:507:in `block in invoke_before' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/callbacks.rb:507:in `each' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/callbacks.rb:507:in `invoke_before' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/callbacks.rb:130:in `run_callbacks' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/abstract_controller/callbacks.rb:19:in `process_action' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_controller/metal/rescue.rb:20:in `process_action' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_controller/metal/instrumentation.rb:32:in `block in process_action' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/notifications.rb:166:in `block in instrument' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/notifications/instrumenter.rb:21:in `instrument' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/notifications.rb:166:in `instrument' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_controller/metal/instrumentation.rb:30:in `process_action' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_controller/metal/params_wrapper.rb:252:in `process_action' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activerecord (5.1.3) lib/active_record/railties/controller_runtime.rb:22:in `process_action' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/abstract_controller/base.rb:124:in `process' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionview (5.1.3) lib/action_view/rendering.rb:30:in `process' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_controller/metal.rb:189:in `dispatch' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_controller/metal.rb:253:in `dispatch' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/routing/route_set.rb:49:in `dispatch' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/routing/route_set.rb:31:in `serve' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/journey/router.rb:46:in `block in serve' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/journey/router.rb:33:in `each' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/journey/router.rb:33:in `serve' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/routing/route_set.rb:834:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] remotipart (1.3.1) lib/remotipart/middleware.rb:32:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] warden (1.2.7) lib/warden/manager.rb:36:in `block in call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] warden (1.2.7) lib/warden/manager.rb:35:in `catch' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] warden (1.2.7) lib/warden/manager.rb:35:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] rack (2.0.3) lib/rack/etag.rb:25:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] rack (2.0.3) lib/rack/conditional_get.rb:38:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] rack (2.0.3) lib/rack/head.rb:12:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] rack (2.0.3) lib/rack/session/abstract/id.rb:232:in `context' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] rack (2.0.3) lib/rack/session/abstract/id.rb:226:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/middleware/cookies.rb:613:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/middleware/callbacks.rb:26:in `block in call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/callbacks.rb:97:in `run_callbacks' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/middleware/callbacks.rb:24:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/middleware/debug_exceptions.rb:59:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/middleware/show_exceptions.rb:31:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] railties (5.1.3) lib/rails/rack/logger.rb:36:in `call_app' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] railties (5.1.3) lib/rails/rack/logger.rb:24:in `block in call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/tagged_logging.rb:69:in `block in tagged' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/tagged_logging.rb:26:in `tagged' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/tagged_logging.rb:69:in `tagged' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] railties (5.1.3) lib/rails/rack/logger.rb:24:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/middleware/remote_ip.rb:79:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/middleware/request_id.rb:25:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] rack (2.0.3) lib/rack/method_override.rb:22:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] rack (2.0.3) lib/rack/runtime.rb:22:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] activesupport (5.1.3) lib/active_support/cache/strategy/local_cache_middleware.rb:27:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] actionpack (5.1.3) lib/action_dispatch/middleware/executor.rb:12:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] rack (2.0.3) lib/rack/sendfile.rb:111:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] railties (5.1.3) lib/rails/engine.rb:522:in `call' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] passenger (5.1.8) src/ruby_supportlib/phusion_passenger/rack/thread_handler_extension.rb:97:in `process_request' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] passenger (5.1.8) src/ruby_supportlib/phusion_passenger/request_handler/thread_handler.rb:160:in `accept_and_process_next_request' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] passenger (5.1.8) src/ruby_supportlib/phusion_passenger/request_handler/thread_handler.rb:113:in `main_loop' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] passenger (5.1.8) src/ruby_supportlib/phusion_passenger/request_handler.rb:416:in `block (3 levels) in start_threads' [dd8e08f7-f28b-497b-9ae9-e57a6a45c35d] passenger (5.1.8) src/ruby_supportlib/phusion_passenger/utils.rb:113:in `block in create_thread_and_abort_on_exception'

but, when access site through http ://siik.io:8000 works perfectly, websockets bit without need redis.conf file.

i've gone through week's worth of various fixes , documentations , have failed find solution this. think basic requirement add more headers onto location / {} block add on nginx.conf file... (i've listed examples i've tried below.)

listen 80; listen *:80; server_name siik.io www.siik.io http://siik.io; location / {          proxy_redirect off;         proxy_set_header host $host:8000;          proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;           proxy_http_version 1.1;          proxy_set_header   x-real-ip $remote_addr:8000;         proxy_set_header  x-forwarded-port $server_port;          proxy_pass http://127.0.0.1:8000/; }

.. i've being trying various combinations & permutations above values see works because clearly, have no clue how works - have conceptual knowledge on reverse proxying , http servers.

yes, know request.origin == request.base_url thing protect_from_forgery bit of rails, don't feel switching off solution, although, did read somewhere including right headers solve issue. i've tried few variations of header sets , none worked, , wondering if including right headers should reach point http origin header change domainname.io ip address or request.base_url change ip address domainname??

oh yes, when add location / {} block in new file proxy.conf next redis.conf breaks. website via domainname.io refuses connect, while domainname.io:8000 works perfectly. empty block under location / breaks - testing see if specific proxy_set commands causing break - no. bits "location / {}" breaks - maybe expected?

why work when access via siik.io:8000, port number explicitly?

any extremely appreciated!!!!

you shouldn't need run action cable server on port, try following these instructions: https://www.phusionpassenger.com/library/config/nginx/action_cable_integration/

copied here per rules™:

running action cable server on same host , port, under sub-uri

this default setup recommended rails , easiest. works mounting actioncable.server path in config/routes.rb. way, action cable server running on same host , port application, under sub-uri.

for example, routes.rb may contain:

# serve websocket cable requests in-process mount actioncable.server => '/cable'

(although routes.rb comment says mounting actioncable.server meant serving in-process, passenger insists on running separate process.)

to make work in passenger + nginx, need add snippet nginx virtual host. suppose had virtual host application, looks this:

server {     listen 80;     server_name www.foo.com;     root /path-to-your-app/public;     passenger_enabled on; }

you need insert location block configures action cable end point, this:

server {     listen 80;     server_name www.foo.com;     root /path-to-your-app/public;     passenger_enabled on;      ### insert this!!! ###     location /cable {         passenger_app_group_name your_app_name_here_action_cable;         passenger_force_max_concurrent_requests_per_process 0;     } }

replace /cable actual action cable path specified in routes.rb.

replace your_app_name_here unique identifier doesn't appear anywhere else in nginx configuration file.

the passenger_force_max_concurrent_requests_per_process option tunes passenger optimal websocket performance.


Comments

Post a Comment

Popular posts from this blog

Sort a complex associative array in PHP -

this question has answer here: php sort array subarray value 5 answers i have associative array in php like: $newarray1 = array ( [producta] => array ( [link] => http://sanjosespartan.com/blog/products/agile-java-development/ [visitcount] => 4 ) [productd] => array ( [link] => http://sanjosespartan.com/blog/products/intro-to-go/ [visitcount] => 1 ) [productg] => array ( [link] => http://sanjosespartan.com/blog/products/node-js-for-developers/ [visitcount] => 1 ) [productb] => array ( [link] => http://sanjosespartan.com/blog/products/beginning-mysql/ [visitcount] => 1 ) [productc] => array ( [link] => http://sanjosespartan.com/blog/products/computer-networks/ [visitcount] => 1 ) ...
Read more

vb.net - How to ignore if a cell is empty nothing -

how use roscolor() ignore value (like empty cell) ? color row if value upper 5 when there nothing in cell, want ignore roscolor() apply, how? public sub roscolor() integer = 0 quotedatagridview1.rows.count() - 1 step +1 dim val integer val = quotedatagridview1.rows(i).cells(3).value if val = vbempty quotedatagridview1.rows(i).defaultcellstyle.backcolor = color.white elseif val < 5 quotedatagridview1.rows(i).defaultcellstyle.backcolor = color.red elseif val > 5 , val < 10 quotedatagridview1.rows(i).defaultcellstyle.backcolor = color.lightyellow end if next end sub you can check empty value following public sub roscolor() integer = 0 quotedatagridview1.rows.count() - 1 step +1 dim val = quotedatagridview1.rows(i).cells(3).value if isdbnull(val) or val nothing quotedatagridview1.rows(i).defaultcellstyle.backcolor = color.white ...
Read more

recursion - Can every recursive algorithm be improved with dynamic programming? -

i first year undergraduate csc student looking competitive programming. recursion involves defining , solving sub problems. understand, top down dynamic programming (dp) involves memoizing solutions sub problems reduce time complexity of algorithm. can top down dp used improve efficiency of every recursive algorithm overlapping sub problems? dp fail work , how can identify this? the short answer is: yes. however, there constraints. obvious 1 recursive calls must overlap. i.e. during execution of algorithm, recursive function must called multiple times same parameters. lets truncate recursion tree memoization. can use memoization reduce number of calls. however, reduction of calls comes price. need store results somewhere. next obvious constraint need have enough memory. comes not-so obvious constraint. memory access requires time. first need find result stored , maybe copy location. in cases, might faster let recursion calculate result instead of loading somewher...
Read more