[英]apache2 reverse proxy inadvertently altering content
我已將Apache2配置為充當IIS中運行的網站的反向代理,以減輕該網站的SSL和ModSecurity的負擔。 對於大多數瀏覽器來說,它似乎工作得很好,直到我嘗試從iPad上訪問該站點為止,這時很明顯它正在重寫頁面,導致頁面加載不正確。
如果更改用戶代理以使其與iPad的用戶代理匹配,則可以在另一個瀏覽器中重新創建問題。
頁面源代碼的前幾行應如下所示:
<!DOCTYPE html>
<html lang="en">
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta name="apple-mobile-web-app-capable" content="yes" /><meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0" /><meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" /><meta name="format-detection" content="telephone=no" /><title>
Login - Intuition by Vertex
</title>
<link href="/VertexIntuition/Content/images/favicon.png" rel="icon" type="image/png" />
<script src="/VertexIntuition/bundles/jquery?v=UgyEMAYOuSB9Bb6HcOEVHpd6fIIp54yF086SRNVcdIY1"></script>
<script src="/VertexIntuition/bundles/tablet?v=2kDCvhCBNKBgX0qN9fTU9DAHVqMl3xRFihmIqyYo6hY1"></script>
<link href="/VertexIntuition/Content/style/tabletbundle?v=ItHS3VZO8NwiILS32jviRjVSaLWeZuF0S17HnIT_2Y01" rel="stylesheet"/>
<!-- Framework CSS -->
<!--[if lt IE 8]>
<link rel="stylesheet" href="/VertexIntuition/Content/style/tablet/blueprint/ie.css" type="text/css" media="screen, projection" />
<![endif]-->
<!-- Page specific styles -->
</head>
<body>
通過反向代理訪問頁面時,源的相同塊將重寫為:
<html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="apple-mobile-web-app-capable" content="yes"><meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0"><meta name="apple-mobile-web-app-status-bar-style" content="black-translucent"><meta name="format-detection" content="telephone=no"><title>
Login - Intuition by Vertex
</title><link href="/VertexIntuition/Content/images/favicon.png" rel="icon" type="image/png"><script src="/VertexIntuition/bundles/jquery?v=UgyEMAYOuSB9Bb6HcOEVHpd6fIIp54yF086SRNVcdIY1"></script><script src="/VertexIntuition/bundles/tablet?v=2kDCvhCBNKBgX0qN9fTU9DAHVqMl3xRFihmIqyYo6hY1"></script><link href="/VertexIntuition/Content/style/tabletbundle?v=ItHS3VZO8NwiILS32jviRjVSaLWeZuF0S17HnIT_2Y01" rel="stylesheet"><!-- Framework CSS --><!--[if lt IE 8]>
<link rel="stylesheet" href="/VertexIntuition/Content/style/tablet/blueprint/ie.css" type="text/css" media="screen, projection" />
<![endif]--><!-- Page specific styles --></head><body>
而且頁面的布局最終會被錯誤地格式化(不僅僅是這一部分被更改的文本,我只是將其用作更改的示例。)
該站點的配置如下:
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ErrorLog /var/log/apache2/reverseproxy-ssl_error.log
LogLevel info
CustomLog /var/log/apache2/access-ssl.log combined
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost On
ProxyHTMLInterp on
ProxyPass / http://internal.site.local/
ProxyPassReverse / http://internal.site.local/
SetOutputFilter proxy-html
ProxyHTMLURLMap http://internal.site.local /
RequestHeader unset Accept-Encoding
SSLEngine on
SSLProxyEngine On
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
SSLCertificateChainFile /etc/ssl/certs/intermediate.crt
</VirtualHost>
我現在已完全禁用ModSecurity以便對問題進行故障排除,而該問題仍然存在,因此不應該如此。
我使用的URL看起來像這樣: https : //mysite.example.com/VertexIntuition/SystemUser/Login ,同樣,它似乎適用於大多數其他瀏覽器
如果我跑
wget --user-agent="Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B405 Safari/531.21.10" http://internal.site.local/VertexIntuition/SystemUser/Login"
從作為反向代理運行的服務器上,我得到的頁面似乎正確。
顯然,實際上並沒有問題,只是一些奇怪的緩存問題和ModSecurity規則之一的組合。 我的配置很好。
觸發規則集,導致該問題為modsecurity_crs_21_protocol_anomalies.conf,這導致頁面呈現不正確。 關閉ModSecurity后問題仍然存在,因為我的瀏覽器無法正確清除緩存。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.