我开发了一个web应用程序,这个应用程序在Apache和Nginx (proxy_pass)上运行。我的ADSL没有问题,但在移动网络(3G/4G)上出现问题
我的应用程序工作正常,但是当我试图登录时,它失败了。
如果我配置服务器运行SSL (HTTPS),登录过程运行良好,然后我决定检查我的服务器配置,这在HTTP和HTTPS之间是相同的。
另外,我检查HTTP头,我看到一个新的HTTP头:
Via:1.0 proxy (proxy)
X-Cache:MISS from proxy
有人知道这是什么吗?为什么头被添加,如果头是问题?
Nginx配置:server {
listen 80;
server_name *.example.com;
access_log off;
error_log off;
root $app_folder/www/;
location ~ /. { deny all; }
location ~ ~$ { deny all; }
location ~ .php$ { deny all; }
location ~ /(cart) {
rewrite ^ https://$http_host$request_uri? permanent;
}
location / {
set $var A;
if ($remote_addr != XXX.XXX.XXX.XXX) {
set $var "${var}B";
}
if ($var = AB) {
#return 503;
}
proxy_pass http://127.0.0.1:8080;
}
include /etc/nginx/proxy.conf;
location ~* .(js|css|png|jpeg)$ {
include /etc/nginx/includes/cdn-header-cache;
}
location ~ /svn {
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_min_length 1100;
gzip_buffers 64 8k;
gzip_proxied any;
gzip_types text/html text/plain text/xml application/xml application/xml+rss text/css text/javascript application/javascript application/json;
gzip_proxied expired no-cache no-store private auth;
gzip_disable msie6;
gzip_vary on;
}
location /nginx_status {
stub_status on;
access_log off;
allow XXX.XXX.XXX.XXX;
deny all;
}
error_page 500 502 504 /50x.html;
error_page 503 /work.html;
location = /work.html {
root /home/website;
}
}
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1024M;
client_body_buffer_size 1024M;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
cdn-header-cache文件
expires 3M;
log_not_found off;
access_log off;
add_header Cache-Control public;
# don't send cookies
fastcgi_hide_header Set-Cookie;
# CORS config
set $cors "true";
# Determine the HTTP request method used
if ($request_method = 'OPTIONS') {
set $cors "${cors}options";
}
if ($request_method = 'GET') {
set $cors "${cors}get";
}
if ($request_method = 'POST') {
set $cors "${cors}post";
}
if ($cors = "true") {
# Catch all incase there's a request method we're not dealing with properly
add_header 'Access-Control-Allow-Origin' '*';
}
if ($cors = "trueget") {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
if ($cors = "trueoptions") {
add_header 'Access-Control-Allow-Origin' '*';
# Om nom nom cookies
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
# Custom headers and headers various browsers *should* be OK with but aren't
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
# Tell client that this pre-flight info is valid for 20 days
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($cors = "truepost") {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
Apache Virtual Host
<VirtualHost *:8080>
DocumentRoot "/home/website/www"
ServerAdmin postmaster@example.com
ServerName www.example.com
ServerAlias example.com
setenvIf Request_URI ".(jpg|jpeg|png|css|gif|ico|js)$" dontlog
CustomLog /var/log/apache2/example.com-access.log combined env=!dontlog
ErrorLog /var/log/apache2/example.com-error.log
<Directory /home/website/www/>
allow from all
Options +Indexes
</Directory>
</VirtualHost>
您使用的Apache和Nginx配置可能会有所帮助。