0

Local Development Environment.

I have touched a little the template file with which the nginx configurations are generated, the result is the following:

# from nginxproxy/nginx-proxy
# uknp.dock/
upstream uknp.dock {
    # Container: WSDD-Web-Server-PHP8.3
    #     networks:
    #         wsdd-network (reachable)
    #     IP address: 172.18.0.2
    #     exposed ports (first ten): 10000/tcp 80/tcp
    #     default port: 80
    #     using port: 80
    server 172.18.0.2:80;
}
server {
    server_name uknp.dock;
    access_log /var/log/nginx/access.log vhost;
    http2 on;
    listen 80 ;
    location /.well-known/acme-challenge/ {
        proxy_intercept_errors off;
        fastcgi_intercept_errors off;
        auth_basic off;
        allow all;
        root /usr/share/nginx/html;
        try_files $uri =404;
        break;
    }
    listen 443 ssl ;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:50m;
    ssl_session_tickets off;
    ssl_certificate /etc/nginx/certs/uknp.dock.crt;
    ssl_certificate_key /etc/nginx/certs/uknp.dock.key;
    location / {
        proxy_intercept_errors off;
        fastcgi_intercept_errors off; 
        proxy_pass http://uknp.dock;
        set $upstream_keepalive false;
        # Add these headers to keep the original status codes
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        # Ensure that HTTP status codes are not modified
        proxy_ignore_headers Set-Cookie;
        proxy_pass_request_headers on;
    }
    # custom 419 error
    error_page 419 = /custom_419.html;
    location = /custom_419.html {
        internal;
        add_header Content-Type text/html;
        return 419 "Session expired or CSRF token invalid.";
    }
}

This is supposedly my reverse proxy configuration pointing to an Apache container (which was working fine until I had to implement a 419 status code for CSRF).

Regardless of my Nginx configuration, it keeps converting/overwriting the 419 error to a 500...

<?php
// Set headers to avoid caching
header('Cache-Control: no-cache, no-store, must-revalidate');
header('Pragma: no-cache');
header('Expires: 0');

// Set custom header for CSRF
header('X-CSRF-TOKEN: expired_token_12345');

// Set status code 419 (CSRF Token Expired)
http_response_code(419);

// Response content in JSON format
header('Content-Type: application/json');

echo json_encode([
    'error' => true,
    'message' => 'CSRF token has expired',
    'code' => 419,
    'status' => 'CSRF_TOKEN_EXPIRED'
]);

Note: I have already restarted the services/containers. I have already verified that everything in the backend works well as expected... at least the reverse proxy seems to do whatever it wants...

Improve this question
Related questions
3
Ngnix Jsession changed redirection issue
7
what's wrong with this configuration for nginx as reverse proxy for node.js?
2
nginx docker proxy_path to an other docker in the server
Load 3 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.