Rack::Protection::HttpOrigin blocking POST through Nginx proxy #98
Comments
|
I will take a look before the next release. You have to change the config.ru file |
|
Thanks @minad; please let me know if you have a sense of time-frame for that. My current Nginx configuration, in this regard, looks like so: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This maybe a matter of configuration, but I'm not a Ruby developer (yet), so I'm not sure where to look for either diagnosing or fixing it properly.
I've got an Nginx installation proxying requests to Olelo. It seems GET requests work fine.
POST requests get a 403 Forbidden response, and in my console I see a log from Olelo:
WARN -- : attack prevented by Rack::Protection::HttpOriginNginx is responding to hostname
a.b.c(example), and Olelo is using Thin, currently, to listen on0.0.0.0:3535.What requirements does this Protection module enforce? Are there specific HTTP headers I need to pass through? (I'm already trying with Origin and Cookie headers, but no luck.)
Is this a matter of configuring Olelo differently?
Thanks!
The text was updated successfully, but these errors were encountered: