nginx config as follows:
server {
listen 80;
listen [::]:80;
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, PUT, PATCH';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
add_header 'Access-Control-Max-Age' 1728000;
server_name erp.dev.thinkerx.com;
access_log /home/thinkerx/nginx/access.log;
error_log /home/thinkerx/nginx/error.log;
location ~ /.well-known {
allow all;
}
# The rest of your server block
root /usr/share/nginx/html/men2017-back-dev/public;
index index.html index.htm index.php;
location /api/ {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ .php$ {
try_files $uri /index.php =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
js code as follows:
$.ajax({
type: 'post',
dataType: 'json',
contentType: 'application/json; charset=UTF-8',
url: "http://erp.dev.thinkerx.com/api/external/material/catalogs",
data: JSON.stringify({
domain_id: 2222,
code:'X01',
name:'123063'
}),
success: function (response) {
console.log(response);
},
error: function (xhr, status, error) {
console.log(xhr, status, error);
},
});
then, send request in browser, chrome console shows two request. The first request is preflight, method is OPTION. The second is real request and has response, whose status code is 201.
preflight request
{"data":{"id":"16b7d6a0-9eb6-42ca-9ddb-fc61f5e082c0","domain_id":2222,"name":"1230464","code":"X01","parent_id":null,"created_at":1504698369,"updated_at":1504698369}}
As above, the thing is expected, but i update ajax data.
$.ajax({
type: 'post',
dataType: 'json',
contentType: 'application/json; charset=UTF-8',
url: "http://erp.dev.thinkerx.com/api/external/material/catalogs",
data: JSON.stringify({
domain_id: 2222,
code:'X01',
// name:'123063'
}),
success: function (response) {
console.log(response);
},
error: function (xhr, status, error) {
console.log(xhr, status, error);
},
});
i send the request again.Accidentally, the error occurred.
also two requests, the second status code is 422
{«message»:»Validation Failed»,»errors»:[[«Key name must be
present»]],»status_code»:422}XMLHttpRequest cannot load
http://erp.dev.thinkerx.com/api/external/material/catalogs. No
‘Access-Control-Allow-Origin’ header is present on the requested
resource. Origin ‘http://localhost’ is therefore not allowed access.
The response had HTTP status code 422.
I has some questions as follows:
- Why report same origin policy error?
- I see the response in console, why ajax xhr.responseJSON is undefined? How to fetch the response?
Hi,
I’m already using this Repo for a longer time and I’m pretty happy with it. So first of all thanks for the great work to the maintainers.
Now I have updated my GitLab instance to 15.0.2 and moved my domain which is working with a letsencrypt https certificate. Since then I most of the time I get logged out from GitLab and receive an error 422. Sometimes I’m also able to klick onto another page. But then I see in the developer tools already that some ressources like icons can’t be loaded due to an error 401. If have googled and debugged this error now for a longer time but found nothing that really helped.
In front of my GitLab Instance I have setup an NGINX reverse proxy which worked also pretty good for a long time. It is in the same network as the GitLab-Docker-Containers and its current configuration looks like this right now:
upstream gitlab_upstream {
server 172.21.3.1:80 fail_timeout=0;
}
server {
listen 80;
server_name gitlab.xyz.de;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name gitlab.xyz.de;
server_tokens off;
ssl_certificate /etc/letsencrypt/lego/xyz.de.crt;
ssl_certificate_key /etc/letsencrypt/lego/xyz.de.key;
ssl_buffer_size 8k;
ssl_dhparam /etc/ssl/certs/dhparam-2048.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
ssl_ecdh_curve secp384r1;
ssl_session_tickets off;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
# resolver 8.8.8.8;
# proxy_buffering off;
client_max_body_size 10G;
location / {
gzip off;
include /etc/nginx/proxy_params
proxy_set_header X-Forwarded-Ssl on;
proxy_pass http://gitlab_upstream;
# proxy_set_header Host $http_host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header X-Frame-Options SAMEORIGIN;
#security headers
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
# add_header X-Content-Type-Options "nosniff" always;
# add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# Hide server information
# proxy_hide_header X-Powered-By;
}
}
My docker-compose config looks like this:
version: '2'
networks:
nginx_proxy-tier:
external: true
services:
redis:
restart: 'no'
image: redis:6.2.6
command:
- --loglevel warning
volumes:
- ./volumes/redis:/var/lib/redis:Z
networks:
nginx_proxy-tier:
ipv4_address: 172.21.3.2
postgresql:
restart: 'no'
image: sameersbn/postgresql:12-20200524
volumes:
- ./volumes/postgresql:/var/lib/postgresql:Z
environment:
- DB_USER=gitlab
- DB_PASS=
- DB_NAME=gitlabhq_production
- DB_EXTENSION=pg_trgm,btree_gist
networks:
nginx_proxy-tier:
ipv4_address: 172.21.3.3
gitlab:
restart: 'no'
image: 'sameersbn/gitlab:15.0.2'
#command: /bin/bash
depends_on:
- redis
- postgresql
ports:
- "10080:80"
- "10022:22"
volumes:
- ./volumes/gitlab:/home/git/data:Z
networks:
nginx_proxy-tier:
ipv4_address: 172.21.3.1
environment:
- DEBUG=false
- DB_ADAPTER=postgresql
- DB_HOST=postgresql
- DB_PORT=5432
- DB_USER=gitlab
- DB_PASS=
- DB_NAME=gitlabhq_production
- REDIS_HOST=redis
- REDIS_PORT=6379
- TZ=Europe/Berlin
- GITLAB_TIMEZONE=Berlin
- GITLAB_HTTPS=true
- SSL_SELF_SIGNED=true
- GITLAB_HOST=gitlab.xyz.de
- GITLAB_PORT=10080
- GITLAB_SSH_PORT=10022
- GITLAB_SSH_HOST=gitlab.xyz.de
- GITLAB_RELATIVE_URL_ROOT=
- GITLAB_SECRETS_DB_KEY_BASE=long-and-random-alphanumeric-string
- GITLAB_SECRETS_SECRET_KEY_BASE=long-and-random-alphanumeric-string
- GITLAB_SECRETS_OTP_KEY_BASE=long-and-random-alphanumeric-string
- GITLAB_ROOT_PASSWORD=
- GITLAB_ROOT_EMAIL=
- GITLAB_NOTIFY_ON_BROKEN_BUILDS=true
- GITLAB_NOTIFY_PUSHER=false
- GITLAB_EMAIL=
- GITLAB_EMAIL_REPLY_TO=
- GITLAB_INCOMING_EMAIL_ADDRESS=
- GITLAB_BACKUP_SCHEDULE=daily
- GITLAB_BACKUP_TIME=01:00
- SMTP_ENABLED=true
- SMTP_DOMAIN=www.web.de
- SMTP_HOST=smtp.web.de
- SMTP_PORT=587
- SMTP_USER=
- SMTP_PASS=
- SMTP_STARTTLS=true
- SMTP_TLS=false
- SMTP_AUTHENTICATION=login
- IMAP_ENABLED=false
- IMAP_HOST=imap.gmail.com
- IMAP_PORT=993
- IMAP_USER=mailer@example.com
- IMAP_PASS=password
- IMAP_SSL=true
- IMAP_STARTTLS=false
- OAUTH_ENABLED=false
- OAUTH_AUTO_SIGN_IN_WITH_PROVIDER=
- OAUTH_ALLOW_SSO=
- OAUTH_BLOCK_AUTO_CREATED_USERS=true
- OAUTH_AUTO_LINK_LDAP_USER=false
- OAUTH_AUTO_LINK_SAML_USER=false
- OAUTH_EXTERNAL_PROVIDERS=
- OAUTH_CAS3_LABEL=cas3
- OAUTH_CAS3_SERVER=
- OAUTH_CAS3_DISABLE_SSL_VERIFICATION=false
- OAUTH_CAS3_LOGIN_URL=/cas/login
- OAUTH_CAS3_VALIDATE_URL=/cas/p3/serviceValidate
- OAUTH_CAS3_LOGOUT_URL=/cas/logout
- OAUTH_GOOGLE_API_KEY=
- OAUTH_GOOGLE_APP_SECRET=
- OAUTH_GOOGLE_RESTRICT_DOMAIN=
- OAUTH_FACEBOOK_API_KEY=
- OAUTH_FACEBOOK_APP_SECRET=
- OAUTH_TWITTER_API_KEY=
- OAUTH_TWITTER_APP_SECRET=
- OAUTH_GITHUB_API_KEY=
- OAUTH_GITHUB_APP_SECRET=
- OAUTH_GITHUB_URL=
- OAUTH_GITHUB_VERIFY_SSL=
- OAUTH_GITLAB_API_KEY=
- OAUTH_GITLAB_APP_SECRET=
- OAUTH_BITBUCKET_API_KEY=
- OAUTH_BITBUCKET_APP_SECRET=
- OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL=
- OAUTH_SAML_IDP_CERT_FINGERPRINT=
- OAUTH_SAML_IDP_SSO_TARGET_URL=
- OAUTH_SAML_ISSUER=
- OAUTH_SAML_LABEL="Our SAML Provider"
- OAUTH_SAML_NAME_IDENTIFIER_FORMAT=urn:oasis:names:tc:SAML:2.0:nameid-format:transient
- OAUTH_SAML_GROUPS_ATTRIBUTE=
- OAUTH_SAML_EXTERNAL_GROUPS=
- OAUTH_SAML_ATTRIBUTE_STATEMENTS_EMAIL=
- OAUTH_SAML_ATTRIBUTE_STATEMENTS_NAME=
- OAUTH_SAML_ATTRIBUTE_STATEMENTS_USERNAME=
- OAUTH_SAML_ATTRIBUTE_STATEMENTS_FIRST_NAME=
- OAUTH_SAML_ATTRIBUTE_STATEMENTS_LAST_NAME=
- OAUTH_CROWD_SERVER_URL=
- OAUTH_CROWD_APP_NAME=
- OAUTH_CROWD_APP_PASSWORD=
- OAUTH_AUTH0_CLIENT_ID=
- OAUTH_AUTH0_CLIENT_SECRET=
- OAUTH_AUTH0_DOMAIN=
- OAUTH_AZURE_API_KEY=
- OAUTH_AZURE_API_SECRET=
- OAUTH_AZURE_TENANT_ID=
In the production.log I can find the following errors:
Processing by Gitlab::RequestForgeryProtection::Controller#index as HTML
Can't verify CSRF token authenticity.
Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms | Elasticsearch: 0.0ms | Allocations: 221)
Can't verify CSRF token authenticity.
Completed 200 OK in 29ms (Views: 0.2ms | ActiveRecord: 2.6ms | Elasticsearch: 0.0ms | Allocations: 12801)
Started GET "/uploads/-/system/project/avatar/34/docker-icon.png" for 95.89.243.88 at 2022-06-12 19:43:19 +0200
Processing by UploadsController#show as HTML
Parameters: {"model"=>"project", "mounted_as"=>"avatar", "id"=>"34", "filename"=>"docker-icon.png"}
Completed 401 Unauthorized in 6ms (ActiveRecord: 1.0ms | Elasticsearch: 0.0ms | Allocations: 2362)
Thanks in advance for your help.
Kind regards,
Stephan
I’ve had the Nginx upload progress module working for several months on various Ubuntu 8.04 servers, but on one of my servers I get 422 errors for every single file I try to upload (all files work on every other server). There’s nothing in any of my logs that tells me anything.
This is the response that nginx gives me: «{ «state» : «error», «status» : 422 }»
The server configuration is identical to the other working servers.
But here’s the really odd part: This only happens when I changed the domain name on the server (I changed the hostname, hosts file, postfix configs, nginx site configuration, and parts of my Rails app to all use the new domain, rebooted the machine, etc.) I grepped through the entire machine and found no trace of the old domain name anywhere. Once I change the domain back to the old one, file uploads work again.
Does anyone know how I might go about troubleshooting what’s going on here? I’m completely stumped.
Edit:
I recompiled nginx with —with-debug, and here’s some debug info from my logs that appears to be relevant here.
2010/11/20 11:55:53 [debug] 8652#0: *13 test location: "upload_progress"
2010/11/20 11:55:53 [debug] 8652#0: *13 using configuration "/upload_progress"
2010/11/20 11:55:53 [debug] 8652#0: *13 http cl:-1 max:10485760
2010/11/20 11:55:53 [debug] 8652#0: *13 generic phase: 2
2010/11/20 11:55:53 [debug] 8652#0: *13 generic phase: 3
2010/11/20 11:55:53 [debug] 8652#0: *13 post rewrite phase: 4
2010/11/20 11:55:53 [debug] 8652#0: *13 generic phase: 5
2010/11/20 11:55:53 [debug] 8652#0: *13 generic phase: 6
2010/11/20 11:55:53 [debug] 8652#0: *13 access phase: 7
2010/11/20 11:55:53 [debug] 8652#0: *13 access phase: 8
2010/11/20 11:55:53 [debug] 8652#0: *13 post access phase: 9
2010/11/20 11:55:53 [debug] 8652#0: *13 http set discard body
2010/11/20 11:55:53 [debug] 8652#0: *13 upload-progress: get_tracking_id
2010/11/20 11:55:53 [debug] 8652#0: *13 malloc: 080E7CA0:8
2010/11/20 11:55:53 [debug] 8652#0: *13 upload-progress: get_tracking_id found header: b3fec
2010/11/20 11:55:53 [debug] 8652#0: *13 reportuploads handler found id: b3fec
2010/11/20 11:55:53 [debug] 8652#0: *13 upload-progress: find_node b3fec
2010/11/20 11:55:53 [debug] 8652#0: *13 upload-progress: found node
2010/11/20 11:55:53 [debug] 8652#0: *13 reportuploads found node: b3fec (rest: 0, length: 168849, done: 1, err_status: 422)
2010/11/20 11:55:53 [debug] 8652#0: *13 http script copy: "{ "state" : "error", "status" : "
2010/11/20 11:55:53 [debug] 8652#0: *13 http script var: "422"
2010/11/20 11:55:53 [debug] 8652#0: *13 http script copy: " }
"
2010/11/20 11:55:53 [debug] 8652#0: *13 upload progress: state=1, err_status=422, remaining=168849, length=168849
2010/11/20 11:55:53 [debug] 8652#0: *13 uploadprogress error-tracker error: 0
2010/11/20 11:55:53 [debug] 8652#0: *13 HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Sat, 20 Nov 2010 19:55:53 GMT
Content-Type: application/json
Content-Length: 39
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
2010/11/20 11:55:53 [debug] 8652#0: *13 write new buf t:1 f:0 080DF1F0, pos 080DF1F0, size: 219 file: 0, size: 0
2010/11/20 11:55:53 [debug] 8652#0: *13 http write filter: l:0 f:0 s:219
2010/11/20 11:55:53 [debug] 8652#0: *13 http output filter "/upload_progress?"
2010/11/20 11:55:53 [debug] 8652#0: *13 copy filter: "/upload_progress?"
2010/11/20 11:55:53 [debug] 8652#0: *13 http postpone filter "/upload_progress?" BFEB0A78
2010/11/20 11:55:53 [debug] 8652#0: *13 write old buf t:1 f:0 080DF1F0, pos 080DF1F0, size: 219 file: 0, size: 0
2010/11/20 11:55:53 [debug] 8652#0: *13 write new buf t:1 f:0 080DF160, pos 080DF160, size: 39 file: 0, size: 0
2010/11/20 11:55:53 [debug] 8652#0: *13 http write filter: l:1 f:0 s:258
2010/11/20 11:55:53 [debug] 8652#0: *13 http write filter limit 0
2010/11/20 11:55:53 [debug] 8652#0: *13 writev: 258
2010/11/20 11:55:53 [debug] 8652#0: *13 http write filter 00000000
2010/11/20 11:55:53 [debug] 8652#0: *13 copy filter: 0 "/upload_progress?"
2010/11/20 11:55:53 [debug] 8652#0: *13 http finalize request: 0, "/upload_progress?" 1
2010/11/20 11:55:53 [debug] 8652#0: *13 set http keepalive handler
2010/11/20 11:55:53 [debug] 8652#0: *13 http close request
BNAME.RU » Код ошибки HTTP 422 Unprocessable Entity
Что означает ошибка 422 Unprocessable Entity?
Ответ 422 (не обрабатываемый объект) означает, что сервер понимает указанный тип данных (следовательно, состояние 415 (неподдерживаемый тип носителя) не подходит), и синтаксис запроса верен (поэтому состояние 400 (плохой запрос) не подходит), но команды, содержащиеся в запросе, не могут быть выполнены. Например, эта ошибка может возникнуть, если тело запроса было синтаксически корректным, но содержало семантическую ошибку.
Loading