forked from sr/git-wiki
-
-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rack::Protection::HttpOrigin blocking POST through Nginx proxy #98
Comments
I will take a look before the next release. You have to change the config.ru file |
Thanks @minad; please let me know if you have a sense of time-frame for that. My current Nginx configuration, in this regard, looks like so: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This maybe a matter of configuration, but I'm not a Ruby developer (yet), so I'm not sure where to look for either diagnosing or fixing it properly.
I've got an Nginx installation proxying requests to Olelo. It seems GET requests work fine.
POST requests get a 403 Forbidden response, and in my console I see a log from Olelo:
WARN -- : attack prevented by Rack::Protection::HttpOrigin
Nginx is responding to hostname
a.b.c
(example), and Olelo is using Thin, currently, to listen on0.0.0.0:3535
.What requirements does this Protection module enforce? Are there specific HTTP headers I need to pass through? (I'm already trying with Origin and Cookie headers, but no luck.)
Is this a matter of configuring Olelo differently?
Thanks!
The text was updated successfully, but these errors were encountered: