Hi, I’m new to this as i just installed this last night, and was able to reverse proxy all my usual services just fine. I decided to add another site/service to proxy over (shinobi). I know this site uses websockets somehow so I added websocket to it.
I have tried this with and without gzip, and I have different results between the two. Without gzip it just shows the login form without any css styling or pictures, and trying to login gives me an internal server error.
You can see that I have the proxy through evolved.site/shinobi and surv.evolved.site to see if it changed anything by trying to access both ways. When trying to access either, it will ask to download the gzip of the site.
A friend of mine said its possible there’s some sort of MIME-type issue thinking it should download instead of read out/print (or whatever you would call it).
I’m just at a loss now since some of the documentation confuses me because i haven’t worked with webserver directives/arguments/etc…
Yes, when I try to access surv.evolved.site, I do get a gzip file, but it is in fact plain text. It looks as if your web server (shinobi) is reporting the wrong MIME type.
Perhaps you can try stripping out the backend server’s incorrect MIME using a Caddy proxy directive like so:
Thanks for checking. I apologize if trying to access evolved.site/shinobi wasn’t working, as i had removed it in the meantime but left surv.evolved.site in the file. I’m glad you tried surv.evolved.site to find the same result as me.
I tried what you said and added the header_downstream line. The issue still stands after changing and restarting Caddy.
Wouldn’t stripping the content type leave the browser completely without context, defaulting to plain text anyway? What happens to any other kind of content, like images?
I think the only solution really is to ensure that the back end server is reporting the correct MIME type. I don’t think Caddy is the right place in the stack to try to inspect and correct problems of this nature.
Well, I’d suggest the problem is a simple one. I think the backend service (your cent1:8080) is doing client inspection to determine what to send back. This is perfectly normal for content encoding. The client would normally send a Accept-Encoding header. Which would tell the service that the content can be served using gzip. My thought would be that since this header is not in the request the backend service webserver who has been given a gzip response has no other option but to replace the Content-Type header with application/x-gzip.
I just performed a test to realise all the request headers are sent over. Of course. Need a coffee. Anyway, perhaps removing the accept headers will help.
package main
import (
"net/http"
"fmt"
"log"
)
func main() {
http.HandleFunc("/", rootFunc)
log.Fatal(http.ListenAndServe(":8080", nil))
}
func rootFunc(w http.ResponseWriter, r *http.Request) {
w.Header().Add("Content-Type", "text/plain")
for k, v := range r.Header {
fmt.Fprintf(w, "%v = %v\n", k, v)
}
}
@matt I noticed Accept-Encoding = [gzip] on the output. All other accept headers have been removed. I think this is being added someplace because Caddy itself can accept gzip content from the upstream. Perhaps this is a bug in of itself, probably unrelated to this topic.
Hey all, just wanted to share a solution to a problem I was having that led me here. I had the same issue as @alistek with getting Shinobi to render behind nginix. It would work just fine when hitting it on the local server directly but using a reverse proxy caused the browser to render the html as text. The fix was to add “add_header X-Frame-Options “SAMEORIGIN”;” to the nginx config. So my final nginx config for shinobi looks like this:
proxy /nodejs http://<host>:<port> {
without /nodejs
websocket
header_upstream Host {host} # or just put "transparent" here, which sets Host
}
nginx user 2 also states that including X-Frame-Options is the fix. Your config sets header_upstream X-Frame-Options "SAMEORIGIN", but I suspect that’s not effective; X-Frame-Options is meant to inform browsers rendering the page, not the server. Try using header_downstream X-Frame-Options "SAMEORIGIN" instead, to send that header to the client.
Well now oddly enough…I’m wondering if it was something the site had in its code before.( possibly related note: I also had issues with viewing the site via android, it was just freezing on login) because I noticed the difference was that it did not have gzip listed. when i first tried everything, i tried without gzip and it didnt like to show any images and gave me errors. I had recently reinstalled/updated shinobi and that fixed the android viewing issue, which it may also was the fix for this.
One by one i commented out lines in that “successful” code… leaving me with