当我使用 nginx 时,我在 openmeeting 5.0.0-M2 中登录时收到 400 错误。
我的nginx配置如下:
server {
listen 443 ssl;
ssl on;
ssl_certificate path_to_certificate;
ssl_certificate_key path_to_key;
server_name myservername;
location /openmeetings/ {
proxy_pass http://127.0.0.1:5080/openmeetings/;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Referer 'http://$host/openmeetings/';
proxy_set_header X-Real-IP $remote_addr;
}
}
我的日志文件:
CsrfPreventionRequestCycleListener:779 [nio-5080-exec-4]ESC[0;39m - Possible CSRF attack, request URL:
http://ocean.paramatrix.com/openmeetings/wicket/bookmarkable/org.apache.openmee
tings.web.pages.HashPage, Origin: https://ocean.paramatrix.com, action: aborted
with error 400 Origin does not correspond to request
虽然这在火狐浏览器上运行良好,但在 Chrome 浏览器上则不然。
有谁知道,我需要做什么其他配置?任何帮助,不胜感激。
尝试通过使 Referer 标头 HTTPS:
proxy_set_header Referer 'https://$ho....
Openmeetings 本身使用 SSL 本身和 5443 端口运行。 你应该试试这个:
proxy_pass http://127.0.0.1:5443/openmeetings/;