Rails 5 ActionController :: InvalidAuthenticityToken on Production Enviroment Nginx

Question

On Rails 5.2, SSL enviroment, running as reverse_proxy with Nginx, whenever I submit a form I get the error: 在Rails 5.2，SSL环境中，使用Nginx作为reverse_proxy运行，每当我提交表单时，我都会收到错误：

HTTP Origin header ( https://agro2business.com.br ) didn't match request.base_url ( https://agro2business.com.br , agro2business.com.br) HTTP Origin标头（ https://agro2business.com.br ）与request.base_url（ https ://agro2business.com.br,agro2business.com.br）不匹配

Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms) 在1ms内完成422个不可处理的实体（ActiveRecord：0.0ms）

ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken) ActionController :: InvalidAuthenticityToken（ActionController :: InvalidAuthenticityToken）

I'd read about configuring params and Nginx for passing on headers in another StackOverflow questions but no luck so far. 我读过有关配置params和Nginx以便在另一个StackOverflow问题中传递头文件，但到目前为止没有运气。 My nginx config file: 我的nginx配置文件：

proxy_pass http://localhost:4000 ; proxy_pass http：// localhost：4000 ; } }

location / { 位置 / {

  proxy_pass http://localhost:4000; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-Real-Port $server_port; proxy_set_header X-Real-Scheme $scheme; proxy_set_header X-NginX-Proxy true; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Ssl on; }

Why is Rails trying to compare the header with two values? 为什么Rails尝试将标头与两个值进行比较？

request.base_url ( https://agro2business.com.br , agro2business.com.br) request.base_url（ https ://agro2business.com.br,agro2business.com.br）

Answer 1

My problem was that in my nginx config I was setting header Host two times and this was causing url generation misleadings, which in turn was invalidating form submissions. 我的问题是，在我的nginx配置中，我设置了标题主机两次，这导致网址生成误导，这反过来使表单提交无效。

  proxy_pass http://localhost:4000;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        **proxy_set_header Host $http_host;**
        proxy_redirect off;
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        **proxy_set_header Host $http_host;**
        proxy_set_header X-Real-Port $server_port;
        proxy_set_header X-Real-Scheme $scheme;
        proxy_set_header X-NginX-Proxy true;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Ssl on;

Just removing one the two proxy_set_header Host $http_host; 只需删除两个proxy_set_header Host $ http_host; did the trick 做了伎俩

Rails 5 ActionController :: InvalidAuthenticityToken on Production Enviroment Nginx

问题描述

1 个解决方案

解决方案1
0 已采纳 2019-05-12 05:37:16

Rails 5 ActionController :: InvalidAuthenticityToken on Production Enviroment Nginx

问题描述

1 个解决方案

解决方案1 0 已采纳 2019-05-12 05:37:16

解决方案1
0 已采纳 2019-05-12 05:37:16