Nginx Download MP3 206 Partial Content HTTP Response

Francis Daly francis at daoine.org
Sun Nov 8 19:54:38 UTC 2020 

On Sun, Nov 08, 2020 at 09:51:36AM -0500, garycnew at yahoo.com wrote:

Hi there,

> Interestingly, the copy/paste method yields an initial 302 response opposed
> to a 200 response with the click link method.

You have two requests to the same url, getting different responses.

Does your nginx config include anything that might show why "the same"
request gets a different response?

If not -- does your upstream do anything to explain that?

Perhaps something wants certain http request headers to be present,
or to be absent?

> GET http://example.com/ajax/inc/283544 HTTP/1.1
> Host: example.com
> Connection: keep-alive
> Upgrade-Insecure-Requests: 1

That request header invites the server to redirect to https, if
available. Maybe that's where the https part comes in.

> HTTP/1.1 302 Found
> Server: nginx/1.19.2
...
> Set-Cookie: __cfduid=d2f42248bc953328459ea277d77ee62671604845673;
> expires=Tue, 08-Dec-20 14:27:53 GMT; path=/; domain=.example.com; HttpOnly;
> SameSite=Lax; Secure
> Location: http://example.com/download/283544

But the response that the client gets is to http. I think you said that
you had configured your nginx to proxy_redirect from https to http? The
"Set-Cookie" line there (from the upstream) has the "Secure" flag, so the
client is unlikely to send it with a subsequent http request (only https).

> GET http://example.com/download/283544 HTTP/1.1
> Host: example.com
> Connection: keep-alive
> Upgrade-Insecure-Requests: 1

This request also invites the server to redirect to https, if appropriate.

> HTTP/1.1 307 Temporary Redirect
> Server: nginx/1.19.2
...
> Location:
> http://st1.example.com/music/9/68/katy_perry_feat._snoop_dogg_-_california_gurls_(mstrkrft_remix_radio)_(zvukoff.ru).mp3?download=force

...and the response that the client gets is to http on a different server.

So this next request goes to that different server (same nginx instance,
perhaps?)

> GET
> http://st1.example.com/music/9/68/katy_perry_feat._snoop_dogg_-_california_gurls_(mstrkrft_remix_radio)_(zvukoff.ru).mp3?download=force
> HTTP/1.1
> Host: st1.example.com

> HTTP/1.1 200 OK
> Server: nginx/1.19.2
> Date: Sun, 08 Nov 2020 14:28:00 GMT
> Content-Type: application/force-download
> Content-Length: 6634727

and presumably gets the expected response of "the desired content".

> Nginx Access Logs (Click Link Method - Fails):
> 
> 192.168.0.154 - - [08/Nov/2020:14:27:00 +0000] "GET /ajax/inc/283544
> HTTP/1.1" 200 94 "http://example.com/mp3/search?keywords=california+gurls"
> "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
> Gecko) Chrome/86.0.4240.75 Safari/537.36 Edg/86.0.622.38"
> 
> Nginx Access Logs (Copy/Paste Method - Success):
> 
> 192.168.0.154 - - [08/Nov/2020:14:27:53 +0000] "GET /ajax/inc/283544
> HTTP/1.1" 302 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36"

What is your nginx config for the request /ajax/inc/283544?

Does it explain why the responses differ? Does it care about the http
Referer: header, or does it care about the http User-Agent: header? (They
seem to differ in these two requests.)

> I could use an extra set of eyes to review the requests/responses and logs
> to confirm whether I'm missing something.

It sounds like you want the request for /ajax/inc/283544 to get a 302
response. If nginx handles the two requests for it the same way, then
there must be something different in what upstream is doing. Can you
see that, or change it?

Cheers,

	f
-- 
Francis Daly        francis at daoine.org

More information about the nginx mailing list