HTTP 404 عندما لا يكون text/html هو الأول في رأس طلب accept

tgm · 14 فبراير 2023، 9:34م

يبدو أن ترتيب أنواع MIME في رأس طلب accept المرسل إلى خادم Discourse مهم:

curl -i -H 'Accept: text/plain, text/html' https://meta.discourse.org
HTTP/2 404 
...

curl -i -H 'Accept: text/html, text/plain' https://meta.discourse.org
HTTP/2 200
...

sam · 16 فبراير 2023، 12:48ص

هذا سيؤثر بشكل أساسي على مستهلكي واجهة برمجة التطبيقات (API) على ما أعتقد. أرحب بطلب سحب (PR) يقوم بتصحيح هذا.

abdallahalsamman · 30 مارس 2023، 12:54م

لقد جربت هذا على إصدار التطوير، وأحصل على 200 OK من Rails::WelcomeController#index لكلا الرأسين Accept: text/html, text/plain و Accept: text/plain, text/html.

بدأ GET "/" لـ 127.0.0.1 في 2023-03-30 15:52:45 +0300
المعالجة بواسطة Rails::WelcomeController#index كنص
عرض /Users/machine/.rbenv/versions/3.2.1/lib/ruby/gems/3.2.0/gems/railties-7.0.4.3/lib/rails/templates/rails/welcome/index.html.erb
تم عرض /Users/machine/.rbenv/versions/3.2.1/lib/ruby/gems/3.2.0/gems/railties-7.0.4.3/lib/rails/templates/rails/welcome/index.html.erb (المدة: 0.1 مللي ثانية | التخصيصات: 36)
اكتمل 200 OK في 1 مللي ثانية (العروض: 1.3 مللي ثانية | ActiveRecord: 0.0 مللي ثانية | التخصيصات: 796)

machine@machines-MacBook-Pro discourse % curl -I -H 'Accept: text/html, text/plain' http://127.0.01:4200
HTTP/1.1 200 OK
X-Powered-By: Express
cache-control: no-store, must-revalidate, private, max-age=0
connection: close
content-security-policy: base-uri 'self'; object-src 'none'; script-src http://127.0.01:4200/assets/ http://127.0.01:4200/ember-cli-live-reload.js http://127.0.01:4200/_lr/ http://127.0.01:4200/logs/ http://127.0.01:4200/sidekiq/ http://127.0.01:4200/mini-profiler-resources/ http://127.0.01:4200/assets/ http://127.0.01:4200/brotli_asset/ http://127.0.01:4200/extra-locales/ http://127.0.01:4200/highlight-js/ http://127.0.01:4200/javascripts/ http://127.0.01:4200/plugins/ http://127.0.01:4200/theme-javascripts/ http://127.0.01:4200/svg-sprite/ 'unsafe-eval' http://127.0.01:4200/ember-cli-live-reload.js http://127.0.01:4200/_lr/ 'sha256-Gty3/aPWFfSvz7pdT39HY97/+2opLup9V0L19ZF0IwY='; worker-src 'self' http://127.0.01:4200/assets/ http://127.0.01:4200/brotli_asset/ http://127.0.01:4200/javascripts/ http://127.0.01:4200/plugins/; frame-ancestors 'self'; manifest-src 'self'
Content-Type: text/html; charset=utf-8
date: Thu, 30 Mar 2023 12:51:19 GMT
referrer-policy: strict-origin-when-cross-origin
set-cookie: __profilin=p%3Dt; path=/; HttpOnly; SameSite=Lax
Vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-discourse-route: list/latest
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-miniprofiler-ids: 3uaox120htfj3nkrwxvy,v4ylpbinbd6pz2p7ar2l,8snf28djimkyzf5vpe5v,iq2fhxx37pkunle3zzxv,o5b5ae8lxmj9vgazlydh,spjovt9bn2x0ziaikfxh,ut7qvfhrp7pt2hflvf1r,m428xr7orlndjj5fm17n,eryv846zt9oqyiccvw4,t8fp5g9iqbfxrmkd3qv9,jea1zbtm7vu2zbmb1kdk,u5h4t1804men5vx9xuvd
x-miniprofiler-original-cache-control: no-cache, no-store
x-permitted-cross-domain-policies: none
x-request-id: be9de952-9043-41a9-adca-1c5124b1ff90
x-xss-protection: 0
content-encoding: null
Content-Length: 0
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"

machine@machines-MacBook-Pro discourse % curl -I -H 'Accept: text/plain, text/html' http://127.0.01:4200
HTTP/1.1 200 OK
X-Powered-By: Express
cache-control: no-store, must-revalidate, private, max-age=0
connection: close
content-security-policy: base-uri 'self'; object-src 'none'; script-src http://127.0.01:4200/assets/ http://127.0.01:4200/ember-cli-live-reload.js http://127.0.01:4200/_lr/ http://127.0.01:4200/logs/ http://127.0.01:4200/sidekiq/ http://127.0.01:4200/mini-profiler-resources/ http://127.0.01:4200/assets/ http://127.0.01:4200/brotli_asset/ http://127.0.01:4200/extra-locales/ http://127.0.01:4200/highlight-js/ http://127.0.01:4200/javascripts/ http://127.0.01:4200/plugins/ http://127.0.01:4200/theme-javascripts/ http://127.0.01:4200/svg-sprite/ 'unsafe-eval' http://127.0.01:4200/ember-cli-live-reload.js http://127.0.01:4200/_lr/ 'sha256-Gty3/aPWFfSvz7pdT39HY97/+2opLup9V0L19ZF0IwY='; worker-src 'self' http://127.0.01:4200/assets/ http://127.0.01:4200/brotli_asset/ http://127.0.01:4200/javascripts/ http://127.0.01:4200/plugins/; frame-ancestors 'self'; manifest-src 'self'
Content-Type: text/html; charset=utf-8
date: Thu, 30 Mar 2023 12:51:26 GMT
referrer-policy: strict-origin-when-cross-origin
set-cookie: __profilin=p%3Dt; path=/; HttpOnly; SameSite=Lax
Vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-miniprofiler-ids: fw6wmg2wtmnuc4qqk5ri,3uaox120htfj3nkrwxvy,v4ylpbinbd6pz2p7ar2l,8snf28djimkyzf5vpe5v,iq2fhxx37pkunle3zzxv,o5b5ae8lxmj9vgazlydh,spjovt9bn2x0ziaikfxh,ut7qvfhrp7pt2hflvf1r,m428xr7orlndjj5fm17n,eryv846zt9oqyiccvw4,t8fp5g9iqbfxrmkd3qv9,jea1zbtm7vu2zbmb1kdk,u5h4t1804men5vx9xuvd
x-permitted-cross-domain-policies: none
x-request-id: 00c3add3-15ec-42d5-9c82-9d6ce09b09fd
x-xss-protection: 0
content-encoding: null
Content-Length: 0
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"

machine@machines-MacBook-Pro discourse %

@sam هل يمكنك تقديم بعض التوجيهات حول كيفية إصلاح هذا؟

sam · 31 مارس 2023، 12:12ص

لن يكون هذا سهلاً لتصحيح الأخطاء، قد يتعلق بتكوين NGINX في بيئة الإنتاج، ربما يكون هذا في Rails لست متأكداً.

سأحاول أولاً إجراء الطلب مباشرة إلى عملية Rails وليس إلى وكيل express، إذا نجح ذلك فسأقوم بعد ذلك بتصحيح إعداد Docker في بيئة الإنتاج محلياً.

abdallahalsamman · 31 مارس 2023، 12:19ص

نعم، إرسال الطلبات مباشرة إلى عملية Rails لا يعيد إنتاج المشكلة أيضًا

machine@machines-MacBook-Pro discourse % curl -I -H 'Accept: text/plain, text/html' http://127.0.0.1:3000
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 00:17:12 GMT
Connection: close
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Content-Type: text/html; charset=utf-8
Vary: Accept
Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src http://127.0.0.1:3000/logs/ http://127.0.0.1:3000/sidekiq/ http://127.0.0.1:3000/mini-profiler-resources/ http://127.0.0.1:3000/assets/ http://127.0.0.1:3000/brotli_asset/ http://127.0.0.1:3000/extra-locales/ http://127.0.0.1:3000/highlight-js/ http://127.0.0.1:3000/javascripts/ http://127.0.0.1:3000/plugins/ http://127.0.0.1:3000/theme-javascripts/ http://127.0.0.1:3000/svg-sprite/ 'unsafe-eval' http://127.0.0.1:3000/ember-cli-live-reload.js http://127.0.0.1:3000/_lr/ 'sha256-Gty3/aPWFfSvz7pdT39HY97/+2opLup9V0L19ZF0IwY='; worker-src 'self' http://127.0.0.1:3000/assets/ http://127.0.0.1:3000/brotli_asset/ http://127.0.0.1:3000/javascripts/ http://127.0.0.1:3000/plugins/; frame-ancestors 'self'; manifest-src 'self'
X-Request-Id: 9a58c127-bc9e-4c27-a6a4-2ac5b9d34e5f
Cache-Control: no-store, must-revalidate, private, max-age=0
X-MiniProfiler-Ids: vit385ud6hkrs02yr6r,3izsng340krymolreb78,cq88v42hj61giemunux3,dq9oli1nmmat6k4o274k,37obrexoyg8146xozpqg,qucwk4opydg3vjyj3kz2,b54tne0pbtipq7rie4j9,m2syvsy4jl6wi0q3c2g5,72du4xsbgjmr67p4mhdx,zw5wg2t6susof6zele0y,kar63by1273tae1l0qgw
Set-Cookie: __profilin=p%3Dt; path=/; HttpOnly; SameSite=Lax

machine@machines-MacBook-Pro discourse % curl -I -H 'Accept: text/html, text/plain' http://127.0.0.1:3000
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 00:17:15 GMT
Connection: close
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Discourse-Route: list/latest
Content-Type: text/html; charset=utf-8
Vary: Accept
Cache-Control: no-store, must-revalidate, private, max-age=0
Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src http://127.0.0.1:3000/logs/ http://127.0.0.1:3000/sidekiq/ http://127.0.0.1:3000/mini-profiler-resources/ http://127.0.0.1:3000/assets/ http://127.0.0.1:3000/brotli_asset/ http://127.0.0.1:3000/extra-locales/ http://127.0.0.1:3000/highlight-js/ http://127.0.0.1:3000/javascripts/ http://127.0.0.1:3000/plugins/ http://127.0.0.1:3000/theme-javascripts/ http://127.0.0.1:3000/svg-sprite/ 'unsafe-eval' http://127.0.0.1:3000/ember-cli-live-reload.js http://127.0.0.1:3000/_lr/ 'sha256-Gty3/aPWFfSvz7pdT39HY97/+2opLup9V0L19ZF0IwY='; worker-src 'self' http://127.0.0.1:3000/assets/ http://127.0.0.1:3000/brotli_asset/ http://127.0.0.1:3000/javascripts/ http://127.0.0.1:3000/plugins/; frame-ancestors 'self'; manifest-src 'self'
X-Request-Id: 8ac7c6b7-512e-4c1b-b868-88f3a1ea200c
X-MiniProfiler-Original-Cache-Control: no-cache, no-store
X-MiniProfiler-Ids: tae1e7defycsvswht8d2,vit385ud6hkrs02yr6r,3izsng340krymolreb78,cq88v42hj61giemunux3,dq9oli1nmmat6k4o274k,37obrexoyg8146xozpqg,qucwk4opydg3vjyj3kz2,b54tne0pbtipq7rie4j9,m2syvsy4jl6wi0q3c2g5,72du4xsbgjmr67p4mhdx,zw5wg2t6susof6zele0y,kar63by1273tae1l0qgw
Set-Cookie: __profilin=p%3Dt; path=/; HttpOnly; SameSite=Lax

سأقوم بالتحقيق أكثر باستخدام إعداد Docker إنتاجي محليًا

الموضوع		الردود	مرات العرض
API post request without an Accept header returns 406 Feature	1	772	7 يناير 2021
Link preview HTTP GET breaks spec Bug	14	1443	30 أكتوبر 2025
Request header field Dont-Chunk is not allowed by Access-Control-Allow-Headers in preflight response Bug	5	1836	31 أغسطس 2016
Discourse behind reverse proxy and https Installation	18	7151	13 مارس 2022
Mixed SSL since upgrade Installation	14	662	30 ديسمبر 2022

HTTP 404 عندما لا يكون text/html هو الأول في رأس طلب accept

الموضوعات ذات الصلة