Problem of reverse proxy,Blank content

Nutterchen · July 22, 2020, 9:03am

1. Caddy version (`caddy version`):

v2.1.1 h1:X9k1+ehZPYYrSqBvf/ocUgdLSRIuiNiMo7CvyGUQKeA=

2. How I run Caddy:

a. System environment:

ubuntu1804

b. Command:

caddy run --config /etc/caddy/Caddyfile

c. Service/unit/compose file:

paste full file contents here

d. My complete Caddyfile or JSON config:

http://localhost:80 {
    encode gzip
    reverse_proxy www.google.com
    }
https://localhost:1234 {
    encode gzip
    tls /root/trojan/trojan.crt /root/trojan/trojan.key
    reverse_proxy www.google.com
    }

3. The problem I’m having:

trying to deploy a reverse proxy server, using the above configuration file, I can open https://localhost:1234, and its running with the certificate of trojan.crt, but the content of www.google.com is not displayed on the webpage, and the webpage is blank of.

4. Error messages and/or full log output:

2020/07/22 08:57:58.623	INFO	using provided configuration	{"config_file": "/etc/caddy/Caddyfile", "config_adapter": ""}
2020/07/22 08:57:58.627	INFO	admin	admin endpoint started	{"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2020/07/22 08:57:58.638	INFO	http	enabling automatic HTTP->HTTPS redirects	{"server_name": "srv0"}
2020/07/22 08:57:58.639	INFO	http	server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server	{"server_name": "srv1", "http_port": 80}
2020/07/22 08:57:58.640	INFO	tls	setting internal issuer for automation policy that has only internal subjects but no issuer configured	{"subjects": ["localhost"]}
2020/07/22 08:57:58.641	WARN	http	user server is listening on same interface as automatic HTTP->HTTPS redirects; user-configured routes might override these redirects	{"server_name": "srv1", "interface": "tcp/:80"}
2020/07/22 08:57:58.641	INFO	tls	cleaned up storage units
2020/07/22 04:57:58 [INFO][cache:0xc0007dacc0] Started certificate maintenance routine
2020/07/22 08:57:58.688	INFO	pki.ca.local	root certificate is already trusted by system	{"path": "storage:pki/authorities/local/root.crt"}
2020/07/22 08:57:58.688	INFO	http	enabling automatic TLS certificate management	{"domains": ["localhost"]}
2020/07/22 04:57:58 [WARNING] Stapling OCSP: no OCSP stapling for [localhost]: no OCSP server specified in certificate
2020/07/22 08:57:58.689	INFO	autosaved config	{"file": "/root/.config/caddy/autosave.json"}
2020/07/22 08:57:58.690	INFO	serving initial configuration

5. What I already tried:

replaced the webpage of reverse proxy-dont work,the same problem

6. Links to relevant resources:

https://singapore-guangzhou-2.v2cat.site:1234/
Is running, but may be closed, testing

francislavoie · July 22, 2020, 9:08am

Try proxying to anything that isn’t Google. They’re likely blocking requests that look like coming from a reverse proxy.

Nutterchen · July 22, 2020, 9:10am

I suspected at first, but after checking, it didn’t block
I also tried to reverse proxy other websites, but the problem is the same

francislavoie · July 22, 2020, 9:25am

What are you actually trying to do here? reverse_proxy is meant to proxy to internal services, not to other websites.

Anyways, works for me:

:8882 {
	reverse_proxy https://google.com
}

$ curl -v localhost:8882
* Rebuilt URL to: localhost:8882/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8882 (#0)
> GET / HTTP/1.1
> Host: localhost:8882
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Content-Length: 1561
< Content-Type: text/html; charset=UTF-8
< Date: Wed, 22 Jul 2020 09:29:45 GMT
< Referrer-Policy: no-referrer
< Server: Caddy
<
<!DOCTYPE html>
<html lang=en>
  <meta charset=utf-8>
  <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
  <title>Error 404 (Not Found)!!1</title>
  <style>
    *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px}
  </style>
  <a href=//www.google.com/><span id=logo aria-label=Google></span></a>
  <p><b>404.</b> <ins>That’s an error.</ins>
  <p>The requested URL <code>/</code> was not found on this server.  <ins>That’s all we know.</ins>
* Connection #0 to host localhost left intact

Whitestrake · July 23, 2020, 12:14am

I got a slightly better result than @francislavoie by overriding the default transparent behaviour (i.e. using the client’s provided Host header).

http://:8080 {
  reverse_proxy https://www.google.com {
    header_up Host {http.reverse_proxy.upstream.host}
  }
}

And the result:

2020/07/23 00:11:44.687	DEBUG	http.handlers.reverse_proxy	upstream roundtrip {
  "upstream": "www.google.com:443",
  "request": {
    "method": "GET",
    "uri": "/",
    "proto": "HTTP/1.1",
    "remote_addr": "[::1]:55736",
    "host": "www.google.com",
    "headers": {
      "X-Forwarded-For": [
        "::1"
      ],
      "User-Agent": [
        "curl/7.64.1"
      ],
      "Accept": [
        "*/*"
      ],
      "X-Forwarded-Proto": [
        "http"
      ]
    }
  },
  "duration": 0.516646619,
  "headers": {
    "Set-Cookie": [
      "1P_JAR=2020-07-23-00; expires=Sat, 22-Aug-2020 00:11:44 GMT; path=/; domain=.google.com; Secure",
      "NID=204=mQvjqSvJE6f43eOI_FLH4Burs_zidt1696exm5Y2pbpiDeISHEXEUCHTdstvNasLA-LaHWmU9lBRk7z-DhrYfj1KJ_UpwYlYEkqSPeLPJLNjwAZwFWtfWPNYXs1x8bztqP9WEc7EL6U3OV67bTeVUzxyCEclFgv1A7TQK6oAmQQ; expires=Fri, 22-Jan-2021 00:11:44 GMT; path=/; domain=.google.com; HttpOnly"
    ],
    "Date": [
      "Thu, 23 Jul 2020 00:11:44 GMT"
    ],
    "Cache-Control": [
      "private, max-age=0"
    ],
    "P3p": [
      "CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\""
    ],
    "Server": [
      "gws"
    ],
    "Expires": [
      "-1"
    ],
    "Content-Type": [
      "text/html; charset=ISO-8859-1"
    ],
    "X-Xss-Protection": [
      "0"
    ],
    "X-Frame-Options": [
      "SAMEORIGIN"
    ],
    "Alt-Svc": [
      "h3-29=\":443\"; ma=2592000,h3-27=\":443\"; ma=2592000,h3-T050=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\""
    ]
  },
  "status": 200
}

See also similar issue encountered by another user:

system · August 21, 2020, 9:03am

This topic was automatically closed after 30 days. New replies are no longer allowed.