Join Log in
Score:0
Lucas avatar Server

Nginx patch request ends up with Invalid CORS request

ch flag
Lucas

It's simple set up.

Three docker containers in same network.

  1. ReactJs - production build on nginx server
  2. Spring Boot
  3. Mysql

GET, POST request works like a charm but when i try to use PATCH request i ends up with

Invalid CORS request

2021/09/01 23:17:27 [notice] 31#31: *5 "/api/(.*)" matches "/api/task/assign/5/S01", client: 172.18.0.1, server: localhost, request: "PATCH /api/task/assign/5/S01 HTTP/1.1", host: "localhost", referrer: "http://localhost/operator/controlpanel"
2021/09/01 23:17:27 [notice] 31#31: *5 rewritten data: "/task/assign/5/S01", args: "", client: 172.18.0.1, server: localhost, request: "PATCH /api/task/assign/5/S01 HTTP/1.1", host: "localhost", referrer: "http://localhost/operator/controlpanel"
172.18.0.1 - - [01/Sep/2021:23:17:27 +0000] "PATCH /api/task/assign/5/S01 HTTP/1.1" 403 31 "http://localhost/operator/controlpanel" "Mozilla/5.0 (Windows NT xx; Win64; x64; rv:xx) Gecko/20100101 Firefox/91.0" "-"

My nginx configuration

server {
  listen          80;
  server_name     localhost;
  expires -1;
  etag off;
  proxy_no_cache 1;
  rewrite_log on;

 location / {
   root /usr/share/nginx/html;
   try_files $uri /index.html;
 }

  location /api {
        rewrite /api/(.*) /$1  break;
        proxy_pass http://app:8080;
        proxy_pass_request_headers on;
        default_type  application/json;
  }
}

On spring boot end i do not received any request info so i assume it has been blocked before sending it to spring server.

Any idea what i'm doing wrong?

427
0 + 3
Michael Hampton avatar
cz flag
Michael Hampton
Check your application's log.
0
Reply
Lucas avatar
ch flag
Lucas
@MichaelHampton Like i mentioned "On spring boot end i do not received any request info so i assume it has been blocked before sending it to spring server." Plus PATCH, PUT, DELETE works fine without nginx
0
Reply
Michael Hampton avatar
cz flag
Michael Hampton
Your app sent a 403 Forbidden error, so it must be doing something. Make sure your app is actually logging.
0
Reply
Slicktrick avatar
cz flag
Slicktrick
@Lucas, Encountering the same error here, did you ever find a solution? We can access the site without the proxy with no problems. As soon as the proxy is introduced, PATCH method results in 403 with a response of "Invalid CORS Request"
0
Reply
Lucas avatar
ch flag
Lucas
@Slicktrick afair Michael was 100% correct spring didn't log that denial of access. Try to debug it before cors check.
0
Reply
Slicktrick avatar
cz flag
Slicktrick
@Lucas thanks for getting back to me. In my case it turned out to be a configuration issue on the end server the proxy was pointed to. Sounds like a similar situation to yours, but the odd part was that an Apache proxy server worked just fine. For whatever reason the Nginx proxy was blocked for just the PATCH request. Made me think it had to be Nginx, but that wasn't the case.
0
Reply
Score:0
Lucas avatar Server
ch flag
Lucas

Your app sent a 403 Forbidden error, so it must be doing something. Make sure your app is actually logging. –  Michael Hampton Sep 2, 2021 at 16:13

For some reason spring didn't put that in logs. If someone face same problem try to debug request before cors filter.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.