3

In my website I have Cross Domains Requests with sometimes, HTTP 302 reponses.

I want to do two things:

  • for HTTP OPTIONS requests: HTTP code 200, no follow redirect
  • for HTTP POST, GET requests: Follow a new URL and execute all 302 if needed.

As urls to follow with get and post are various (multiple API) I did something like that:

http://myproxyurl.com?service=http://myapi.com (with myapi.com URL encoded)

Here is my proxy vhost:

<VirtualHost *:80>
  DocumentRoot "C:/..."
  ServerName http://myproxyurl.com

  Header always set Access-Control-Allow-Origin "*"
  Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  Header always set Access-Control-Max-Age "1000"
  Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

  RewriteEngine on
  RewriteCond %{REQUEST_METHOD} OPTIONS
  RewriteRule ^(.*)$ $1 [R=200,L]

  RewriteCond %{QUERY_STRING} ^service=(.*)
  RewriteRule (.*) $1 [R,L]
</VirtualHost>

But with it I have redirect loop on chrome like this: Chrome network tab screen shot

How can I fix this rediect loop? I'm open to better solution than "?service=" if any.

Thanks for help.

EDIT: New Vhost conf

With : Mod-proxy with query string alternatives? I'm close to solution... but still get a code 500

<VirtualHost *:80>
  LogLevel alert rewrite:trace8
  DocumentRoot "C:/..."
  ServerName myproxyurl.com
  Header always set Access-Control-Allow-Origin "*"
  Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS"
  Header always set Access-Control-Max-Age "1000"
  Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
  AllowEncodedSlashes On
  RewriteEngine on
  RewriteCond %{REQUEST_METHOD} OPTIONS
  RewriteRule ^(.*)$ $1 [R=200,L]

  RewriteMap unescape int:unescape

  RewriteCond %{QUERY_STRING} ^service=(.*)$
  RewriteRule ^/ ${unescape:%1} [P,L]


</VirtualHost>
Community
  • 1
CyrilleGuimezanes
  • 131
  • 6
  • Try replacing this RewriteRule (.*) $1 [R,L] with this one RewriteRule (.*) $1? [R,L] – serverliving.com Dec 16 '15 at 09:35
  • No redirect loop but ... no request too I get: OK - The server encountered an internal error or misconfiguration and was unable to complete your request. Instead of the redirection. – CyrilleGuimezanes Dec 16 '15 at 09:50
  • I dont think it will throw a syntax error. you can see the error log for more details – serverliving.com Dec 16 '15 at 10:16
  • I have no revelant messages on Apache error logs :( – CyrilleGuimezanes Dec 16 '15 at 12:27
  • You can try enabling logging in debug mode & also enable rewrite logging so you can quickly figure out what to fix – serverliving.com Dec 16 '15 at 12:30
  • Your configuration can't work `ServerName http://myproxyurl.com` servername has to be set without protocol. Change this restart Apache, remove cache from Chrome, restart Chrome, and then try again. To disaply rewrite log you can change your log level like this `LogLevel debug rewrite:trace8` Rewrite log will be in error.log – Froggiz Dec 16 '15 at 12:48
  • init rewrite engine with requested uri / | applying pattern '^(.*)$' to uri '/' ..... I think the GET param "service" is ignored because I hit proxy index page – CyrilleGuimezanes Dec 16 '15 at 12:55
  • @Froggiz removed protocol but no changes. Log level is set to 4 – CyrilleGuimezanes Dec 16 '15 at 13:00
  • it is `rewrite:trace8` which is important, it will log rewrite action, can you post rewrite logs when you try to access to your url ? – Froggiz Dec 16 '15 at 13:07
  • Here's rewrite:trace8 logs: http://pastebin.com/PSTDgPKP for one request – CyrilleGuimezanes Dec 16 '15 at 13:18
  • @Froggiz see my edit and this pastbin: http://pastebin.com/q5djn2M8 – CyrilleGuimezanes Dec 16 '15 at 14:50
  • Log doesn't show anything wrong. And mainly not showing redirect loop as your Chrome screenshot. I can't help you with contradictory informations. Maybe you can put your error 500 information from access log – Froggiz Dec 16 '15 at 15:30
  • Sorry, the redirect loop was fixed since my screen shot with the new vhost definition (my edit). In my access log, there are nothing revelant and the pastbin is my error log. – CyrilleGuimezanes Dec 16 '15 at 15:44
  • Finally, I got it! See my answer. Thanks a lot Froggiz and serverliving.com – CyrilleGuimezanes Dec 16 '15 at 16:12

1 Answers1

0

Final VHOST:

<VirtualHost *:80>
    DocumentRoot "C:/..."
    ServerName myproxyurl.com
    Header always set Access-Control-Allow-Origin "*"
    Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS"
    Header always set Access-Control-Max-Age "1000"
    Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} OPTIONS
    RewriteRule ^(.*)$ $1 [R=200,L]

    RewriteMap unescape int:unescape

    RewriteCond %{QUERY_STRING} ^service=(.*)$
    RewriteRule ^/ ${unescape:%1} [P,NE,R=302,L]

</VirtualHost>

Not sure if all these lines/flags are required, but, I get the results!

You have to enable these apache modules:

  • mod_rewrite
  • proxy_module
  • proxy_http_module
  • headers_module

Good to know: I read that this method is not secured because anyone can place any URL in service param ... in my case I can trust users.

CyrilleGuimezanes
  • 131
  • 6