Internal application - Publish on nginx

agomes nginx-forum at forum.nginx.org
Fri Dec 3 15:05:57 UTC 2021


Hi Francis,

I really appreciate your help.

in my location /app I have this configuration.

 location /app {
     proxy_pass https://resetpass/pwm/public/forgottenpasswordapp;
     #rewrite ^/(.*)/pwm/public$ /$1 break;
     proxy_redirect /pwm/public/forgottenpasswordapp /app;
     #proxy_set_header Host $host;
  }

when I run the curl -v command I have this output.

################################

root at ubuntu-server:/home/agomes# curl -v https://x.x.x.x/app
*   Trying 65.39.150.151:443...
* Connected to x.x.x.x (x.x.x.x) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=*.x.x.x.x
*  start date: Mar 31 00:00:00 2021 GMT
*  expire date: Mar 31 23:59:59 2022 GMT
*  subjectAltName: host "x.x.x.x" matched cert's "*.x.x.x.x"
*  issuer: xxxxx
*  SSL certificate verify ok.
> GET /app HTTP/1.1
> Host: x.x.x.x
> User-Agent: curl/7.74.0
> Accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Mark bundle as not supporting multiuse
< HTTP/1.1 302
< Server: nginx
< Date: Fri, 03 Dec 2021 15:01:45 GMT
< Content-Length: 0
< Location: https://x.x.x.x/app?stickyRedirectTest=key
< Connection: keep-alive
< Vary: Accept-Encoding
< Set-Cookie: JSESSIONID=D70474FE95784C0A07C659A05D224233; Path=/pwm;
Secure; HttpOnly; SameSite=Strict
< X-PWM-SessionID: YXAYQ
< Content-Language: en
< X-PWM-Noise: VTRHPaZo4u06vSjXq956ujfN1G2s1Y
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1
< X-PWM-Instance: 7D0720A46A762638
< X-Frame-Options: DENY
< X-PWM-Amb: in the future, you'll just /think/ your password
< Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
< Content-Security-Policy: default-src 'self'; object-src 'none'; img-src
'self' data:; style-src 'self' 'unsafe-inline'; script-src
https://www.recaptcha.net/recaptcha/ https://www.gstatic.cn/recaptcha/ 
https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ 'self'
'unsafe-eval' 'nonce-vSpzMNrxkvmBUtzLvNHnmxbEQREymvtV'; frame-src
https://www.recaptcha.net/recaptcha/ https://www.gstatic.cn/recaptcha/
https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ ;
report-uri /pwm/public/api?processAction=cspReport
< Set-Cookie: ID=yiElg4A1ZZXYfaMTaNsCOzLDDq1v6xtYkwqvhuxh; Path=/pwm/;
Secure; HttpOnly; SameSite=Strict
< Set-Cookie:
SESSION=H4sIAAAAAAAAAAHLADT_UFdNLkdDTTEQoiWD0ScsDFgNWID788sONPQqGgXG0dbsSPDwD0jaK588y_9z6aL9Zy8cRnp56mjEjt6iDZIEy4ihINlmcYFVSicYNMuIBrM68x2hbaGTMZHi_K-Mk2OjegRLtQLipXqKjZe_ylyMkmtuZDYicv9bhoQaOe1VtblF2khZUf9gNzJ2If0mW_nIOci5vR3EeonJNbnh-tjBx4GATIo46jwalNfr2BvPQrgbdb-t74Pz0i1rGyQ-2CaGOLGJIPUhWckgZZh-WTxzywAAAA%3D%3D;
Path=/pwm/; Secure; HttpOnly; SameSite=Strict
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Referrer-Policy: no-referrer-when-downgrade
< Content-Security-Policy: default-src * data: 'unsafe-eval'
'unsafe-inline'
< Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
<
* Connection #0 to host x.x.x.x left intact

######################

In the browser bar I have this https://x.x.x.x/app?stickyRedirectTest=key

internally on the application everhthing works very well.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,292998,293005#msg-293005



More information about the nginx mailing list