Join Log in
Score:0
avrahamm avatar Ubuntu

firefox, chromium, and brave browsers force http to https on docker container localhost:8889

ss flag
avrahamm

Step 1

I dockerized some legacy php 5.3 app in some folder on Ubuntu 22.04.1 LTS

docker-compose.yml

version: "3.9"
services:
  # docker-compose up
  # works with Mysql db and with Xdebug.
  app:
    build:
      context: .
      dockerfile: .docker/Dockerfile
    depends_on:
      - mysql
    restart: always
    ports:
      - '${APP_PORT}:80'
    volumes:
      - .:/var/www/html/srv/mipo
    environment:
      DB_HOST: mysql
      DB_USER: '${DB_USER}'
      DB_PASSWORD: '${DB_PASSWORD}'
      DB_DATABASE: '${DB_DATABASE}'
      # @link:https://www.youtube.com/watch?v=9MhHQJjMulk
      XDEBUG_CONFIG: "remote_host=host.docker.internal remote_enable=1 remote_connect_back=1"
      PHP_IDE_CONFIG: "serverName=localhost"

# at mipo-test/protected/config/database.php
# 'connectionString' => 'mysql:host=mysql;port=3306;dbname=yii_davidson_copy',
  mysql:
    image: mysql:5.5
    restart: always
    ports:
      - '${DB_HOST_PORT}:3306'
    volumes:
      - dbdata:/var/lib/mysql
    environment:
      MYSQL_DATABASE: '${MYSQL_DATABASE}'
      MYSQL_ROOT_PASSWORD: '${MYSQL_ROOT_PASSWORD}'

volumes:
  dbdata:

Dockerfile

FROM phpstorm/php-56-apache-xdebug-25

RUN docker-php-ext-install pdo_mysql \
    && a2enmod rewrite \
&& rm -f /etc/apache2/sites-available/* \
&& rm -f /etc/apache2/sites-enabled/* \
&& a2enmod rewrite

COPY .docker/httpd-foreground /usr/local/bin/
COPY .docker/vhost.conf /etc/apache2/sites-available/000-default.conf
COPY . /var/www/html/srv/mipo

RUN ln -s /etc/apache2/sites-available/000-default.conf \
/etc/apache2/sites-enabled/000-default.conf \
&& chmod +x /usr/local/bin/httpd-foreground \
&& chown -R www-data:www-data /var/www/html/srv/mipo \
&& chmod 777 -R /var/www/html/srv/mipo 

WORKDIR /var/www/html/srv/mipo

RUN chmod +x /usr/local/bin/httpd-foreground

EXPOSE 80

CMD ["httpd-foreground"]

vhost.conf

<VirtualHost *:80>
    ServerName localhost

    DocumentRoot /var/www/html/srv/mipo

    <Directory "/var/www/html/srv/mipo">
        # use mod_rewrite for pretty URL support
        RewriteEngine on

        # if $showScriptName is false in UrlManager, do not allow accessing URLs with script name
        RewriteRule ^index.php/ - [L,R=404]

        # If a directory or a file exists, use the request directly
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d

        # Otherwise forward the request to index.php
        RewriteRule . index.php
        ### YII additions

        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
        Require all granted
    
    </Directory>

    ErrorLog /dev/stderr
    CustomLog /dev/stdout combined
</VirtualHost>

httpd-foreground

#!/bin/bash
set -e

# Apache gets grumpy about PID files pre-existing
rm -f /usr/local/apache2/logs/httpd.pid
source /etc/apache2/envvars && exec apachectl -D FOREGROUND

avraham@avraham-IdeaPad-L3-15ITL6:/var/www/wz/davidson/mipo-test$ docker ps
CONTAINER ID   IMAGE           COMMAND                  CREATED          STATUS          PORTS                                         NAMES
1ddbe01eaf9b   mipo-test_app   "docker-php-entrypoi…"   32 seconds ago   Up 30 seconds   0.0.0.0:8888->80/tcp, :::8888->80/tcp         mipo-test_app_1
99740e8fddf5   mysql:5.5       "docker-entrypoint.s…"   3 hours ago      Up 31 seconds   0.0.0.0:13307->3306/tcp, :::13307->3306/tcp   mipo-test_mysql_1
avraham@avraham-IdeaPad-L3-15ITL6:/var/www/wz/davidson/mipo-test$

and it worked in firefox by http://localhost:8888

$ curl --verbose -L http://localhost:8888
*   Trying 127.0.0.1:8888...
* Connected to localhost (127.0.0.1) port 8888 (#0)
> GET / HTTP/1.1
> Host: localhost:8888
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Date: Wed, 14 Dec 2022 17:46:14 GMT
< Server: Apache/2.4.25 (Debian)
< X-Powered-By: PHP/5.6.40
< Location: /dashboard/
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
< 
* Connection #0 to host localhost left intact
* Issue another request to this URL: 'http://localhost:8888/dashboard/'
* Found bundle for host localhost: 0x55c35fc40ff0 [serially]
* Can not multiplex, even if we wanted to!
* Re-using existing connection! (#0) with host localhost
* Connected to localhost (127.0.0.1) port 8888 (#0)
> GET /dashboard/ HTTP/1.1
> Host: localhost:8888
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Date: Wed, 14 Dec 2022 17:46:14 GMT
< Server: Apache/2.4.25 (Debian)
< X-Powered-By: PHP/5.6.40
< Set-Cookie: PHPSESSID=ed04279896a644c270343c37abf8077f; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Set-Cookie: PHPSESSID=aff7d70cc34295026fb8d8b520fcc991; path=/
< Set-Cookie: dashboard_=a47300809cc366cc7f5283df983a40385c6009bda%3A4%3A%7Bi%3A0%3Bs%3A5%3A%22guest%22%3Bi%3A1%3Bs%3A5%3A%22guest%22%3Bi%3A2%3Bi%3A18000%3Bi%3A3%3Ba%3A8%3A%7Bs%3A2%3A%22id%22%3Bs%3A2%3A%2268%22%3Bs%3A9%3A%22user_role%22%3Bi%3A1%3Bs%3A9%3A%22user_name%22%3Bs%3A5%3A%22Guest%22%3Bs%3A9%3A%22user_type%22%3Bs%3A1%3A%224%22%3Bs%3A14%3A%22user_back_role%22%3Bs%3A2%3A%2210%22%3Bs%3A9%3A%22user_perm%22%3Bs%3A15%3A%2211_view%3B19_view%22%3Bs%3A17%3A%22user_modules_perm%22%3Ba%3A2%3A%7Bs%3A5%3A%22order%22%3Bs%3A4%3A%22view%22%3Bs%3A30%3A%22activity%2FroomOccupancyTimeline%22%3Bs%3A4%3A%22view%22%3B%7Ds%3A24%3A%22user_modules_perm_update%22%3Bi%3A1671039974%3B%7D%7D; expires=Wed, 14-Dec-2022 22:46:14 GMT; Max-Age=18000; path=/
< Location: http://localhost:8888/dashboard
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
< 
* Connection #0 to host localhost left intact
* Issue another request to this URL: 'http://localhost:8888/dashboard'
* Found bundle for host localhost: 0x55c35fc40ff0 [serially]
* Can not multiplex, even if we wanted to!
* Re-using existing connection! (#0) with host localhost
* Connected to localhost (127.0.0.1) port 8888 (#0)
> GET /dashboard HTTP/1.1
> Host: localhost:8888
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Date: Wed, 14 Dec 2022 17:46:14 GMT
< Server: Apache/2.4.25 (Debian)
< X-Powered-By: PHP/5.6.40
< Set-Cookie: PHPSESSID=507b0536633ef1583757985c1c21ce5d; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Set-Cookie: PHPSESSID=68fdffe47dd2b1740883bd77ce33387c; path=/
< Set-Cookie: dashboard_=67d9f27ff40a268e89c0fcd49b54fd85d7617751a%3A4%3A%7Bi%3A0%3Bs%3A5%3A%22guest%22%3Bi%3A1%3Bs%3A5%3A%22guest%22%3Bi%3A2%3Bi%3A18000%3Bi%3A3%3Ba%3A8%3A%7Bs%3A2%3A%22id%22%3Bs%3A2%3A%2268%22%3Bs%3A9%3A%22user_role%22%3Bi%3A1%3Bs%3A9%3A%22user_name%22%3Bs%3A5%3A%22Guest%22%3Bs%3A9%3A%22user_type%22%3Bs%3A1%3A%224%22%3Bs%3A14%3A%22user_back_role%22%3Bs%3A2%3A%2210%22%3Bs%3A9%3A%22user_perm%22%3Bs%3A15%3A%2211_view%3B19_view%22%3Bs%3A17%3A%22user_modules_perm%22%3Ba%3A2%3A%7Bs%3A5%3A%22order%22%3Bs%3A4%3A%22view%22%3Bs%3A30%3A%22activity%2FroomOccupancyTimeline%22%3Bs%3A4%3A%22view%22%3B%7Ds%3A24%3A%22user_modules_perm_update%22%3Bi%3A1671039975%3B%7D%7D; expires=Wed, 14-Dec-2022 22:46:15 GMT; Max-Age=18000; path=/
< Location: http://localhost:8888/dashboard
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8

.
.
.

* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Date: Wed, 14 Dec 2022 17:46:34 GMT
< Server: Apache/2.4.25 (Debian)
< X-Powered-By: PHP/5.6.40
< Set-Cookie: PHPSESSID=36045b9806a8f6e6af86439602540f6e; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Set-Cookie: PHPSESSID=e7b47ba2ccb26e557ff25ef0defd86e5; path=/
< Set-Cookie: dashboard_=7e42ce5af703a90da1fe0db91faf7de75e1fbb71a%3A4%3A%7Bi%3A0%3Bs%3A5%3A%22guest%22%3Bi%3A1%3Bs%3A5%3A%22guest%22%3Bi%3A2%3Bi%3A18000%3Bi%3A3%3Ba%3A8%3A%7Bs%3A2%3A%22id%22%3Bs%3A2%3A%2268%22%3Bs%3A9%3A%22user_role%22%3Bi%3A1%3Bs%3A9%3A%22user_name%22%3Bs%3A5%3A%22Guest%22%3Bs%3A9%3A%22user_type%22%3Bs%3A1%3A%224%22%3Bs%3A14%3A%22user_back_role%22%3Bs%3A2%3A%2210%22%3Bs%3A9%3A%22user_perm%22%3Bs%3A15%3A%2211_view%3B19_view%22%3Bs%3A17%3A%22user_modules_perm%22%3Ba%3A2%3A%7Bs%3A5%3A%22order%22%3Bs%3A4%3A%22view%22%3Bs%3A30%3A%22activity%2FroomOccupancyTimeline%22%3Bs%3A4%3A%22view%22%3B%7Ds%3A24%3A%22user_modules_perm_update%22%3Bi%3A1671039995%3B%7D%7D; expires=Wed, 14-Dec-2022 22:46:35 GMT; Max-Age=18000; path=/
< Location: http://localhost:8888/dashboard
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
< 
* Connection #0 to host localhost left intact
* Maximum (50) redirects followed
curl: (47) Maximum (50) redirects followed

I stopped these containers.

Step 2

Recreated the same folder in other location, set a bit different .env variables, ports and etc.., launched by

/var/www/wz/mipo-iqdesk-testing/davidson$ docker-compose up --build

Yet this time when opened in firefox

http://localhost:8889/ => https://localhost:8889/ => SSL_ERROR_RX_RECORD_TOO_LONG

I had no intentions to use SSL, same apache vhost.conf file worked in Step 1 yet fails in other location with SSL error.

$ curl --verbose -L http://localhost:8889
*   Trying 127.0.0.1:8889...
* Connected to localhost (127.0.0.1) port 8889 (#0)
> GET / HTTP/1.1
> Host: localhost:8889
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Wed, 14 Dec 2022 17:24:56 GMT
< Server: Apache/2.4.25 (Debian)
< Location: https://localhost:8889//
< Content-Length: 309
< Content-Type: text/html; charset=iso-8859-1
< 
* Ignoring the response-body
* Connection #0 to host localhost left intact
* Clear auth, redirects scheme from HTTP to https
* Issue another request to this URL: 'https://localhost:8889//'
* Found bundle for host localhost: 0x559b267feff0 [serially]
* Can not multiplex, even if we wanted to!
* Hostname localhost was found in DNS cache
*   Trying 127.0.0.1:8889...
* Connected to localhost (127.0.0.1) port 8889 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* (5454) (IN), , Unknown (72):
* error:0A00010B:SSL routines::wrong version number
* Closing connection 1
curl: (35) error:0A00010B:SSL routines::wrong version number

Then changed 8889 to 18889, rebuilt and http://localhost:18889/ was forced to https://localhost:18889/ with same error.

Any ideas?

212
0 + 7
muru avatar
us flag
muru
Add the output `curl --verbose -L http://localhost:8889` to the post please. Copy-paste it was text and use code formatting. If you don't have curl, use `wget --spider` instead.
0
Reply
Artur Meinild avatar
vn flag
Artur Meinild
Maybe provide the exact settings you used for both the first and second container - they could hold some clues.. Also is this 2 different machines?
0
Reply
avrahamm avatar
ss flag
avrahamm
@guiverc Thank you, it is Ubuntu 22.04.1 LTS
0
Reply
avrahamm avatar
ss flag
avrahamm
@muru Thank you. It is too Iong - will add the output as answer.
0
Reply
avrahamm avatar
ss flag
avrahamm
@Artur Meinild Thank you. It is same machine. I will add details in question.
0
Reply
muru avatar
us flag
muru
1) It doesn't look like you're first attempt runs well either (the curl fails with too many redirects, but this time the redirects are to `http://localhost:8888/dashboard` instead of to HTTPS) so some redirection problem already exists, probably in this "dashboard", and 2) it doesn't look like the containers are using Ubuntu, so this question is offtopic here.
0
Reply
avrahamm avatar
ss flag
avrahamm
@muru Thank you for an idea to investigate the code of /dashboard.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.