4

当我使用 nginx 时,在 openmeeting 5.0.0-M2 中登录时出现 400 错误。

我的nginx配置如下:

server {
listen 443 ssl;
ssl on;
ssl_certificate path_to_certificate;
ssl_certificate_key path_to_key;

server_name myservername;

location /openmeetings/ {
            proxy_pass http://127.0.0.1:5080/openmeetings/;
            proxy_set_header Host $host;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Referer 'http://$host/openmeetings/';
            proxy_set_header X-Real-IP $remote_addr;
        }

}

我的日志文件:

CsrfPreventionRequestCycleListener:779 [nio-5080-exec-4]ESC[0;39m - Possible CSRF attack, request URL:
 http://ocean.paramatrix.com/openmeetings/wicket/bookmarkable/org.apache.openmee
tings.web.pages.HashPage, Origin: https://ocean.paramatrix.com, action: aborted 
with error 400 Origin does not correspond to request

虽然这在 Firefox 浏览器上运行良好,但在 chrome 浏览器上运行良好。

有谁知道,我需要做哪些其他配置?任何帮助表示赞赏。

4

2 回答 2

0

Openmeetings 使用带有 5443 端口的 ssl 本身运行。你应该试试这个:

proxy_pass http://127.0.0.1:5443/openmeetings/;

于 2020-04-28T15:22:29.427 回答
0

尝试将 Referer 标头设置为 HTTPS:

 proxy_set_header Referer 'https://$ho....
于 2019-09-14T04:49:59.257 回答