Firefox、Chromium 和 Brave 浏览器在 docker 容器 localhost:8889 上强制将 http 转换为 https

Firefox、Chromium 和 Brave 浏览器在 docker 容器 localhost:8889 上强制将 http 转换为 https

步骤1

我在 Ubuntu 22.04.1 LTS 上的某个文件夹中将一些旧版 php 5.3 应用程序 docker 化了

docker-compose.yml

version: "3.9"
services:
  # docker-compose up
  # works with Mysql db and with Xdebug.
  app:
    build:
      context: .
      dockerfile: .docker/Dockerfile
    depends_on:
      - mysql
    restart: always
    ports:
      - '${APP_PORT}:80'
    volumes:
      - .:/var/www/html/srv/mipo
    environment:
      DB_HOST: mysql
      DB_USER: '${DB_USER}'
      DB_PASSWORD: '${DB_PASSWORD}'
      DB_DATABASE: '${DB_DATABASE}'
      # @link:https://www.youtube.com/watch?v=9MhHQJjMulk
      XDEBUG_CONFIG: "remote_host=host.docker.internal remote_enable=1 remote_connect_back=1"
      PHP_IDE_CONFIG: "serverName=localhost"

# at mipo-test/protected/config/database.php
# 'connectionString' => 'mysql:host=mysql;port=3306;dbname=yii_davidson_copy',
  mysql:
    image: mysql:5.5
    restart: always
    ports:
      - '${DB_HOST_PORT}:3306'
    volumes:
      - dbdata:/var/lib/mysql
    environment:
      MYSQL_DATABASE: '${MYSQL_DATABASE}'
      MYSQL_ROOT_PASSWORD: '${MYSQL_ROOT_PASSWORD}'

volumes:
  dbdata:

Dockerfile

FROM phpstorm/php-56-apache-xdebug-25

RUN docker-php-ext-install pdo_mysql \
    && a2enmod rewrite \
&& rm -f /etc/apache2/sites-available/* \
&& rm -f /etc/apache2/sites-enabled/* \
&& a2enmod rewrite

COPY .docker/httpd-foreground /usr/local/bin/
COPY .docker/vhost.conf /etc/apache2/sites-available/000-default.conf
COPY . /var/www/html/srv/mipo

RUN ln -s /etc/apache2/sites-available/000-default.conf \
/etc/apache2/sites-enabled/000-default.conf \
&& chmod +x /usr/local/bin/httpd-foreground \
&& chown -R www-data:www-data /var/www/html/srv/mipo \
&& chmod 777 -R /var/www/html/srv/mipo 

WORKDIR /var/www/html/srv/mipo

RUN chmod +x /usr/local/bin/httpd-foreground

EXPOSE 80

CMD ["httpd-foreground"]

虚拟主机配置文件

<VirtualHost *:80>
    ServerName localhost

    DocumentRoot /var/www/html/srv/mipo

    <Directory "/var/www/html/srv/mipo">
        # use mod_rewrite for pretty URL support
        RewriteEngine on

        # if $showScriptName is false in UrlManager, do not allow accessing URLs with script name
        RewriteRule ^index.php/ - [L,R=404]

        # If a directory or a file exists, use the request directly
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d

        # Otherwise forward the request to index.php
        RewriteRule . index.php
        ### YII additions

        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
        Require all granted
    
    </Directory>

    ErrorLog /dev/stderr
    CustomLog /dev/stdout combined
</VirtualHost>

httpd 前台

#!/bin/bash
set -e

# Apache gets grumpy about PID files pre-existing
rm -f /usr/local/apache2/logs/httpd.pid
source /etc/apache2/envvars && exec apachectl -D FOREGROUND
avraham@avraham-IdeaPad-L3-15ITL6:/var/www/wz/davidson/mipo-test$ docker ps
CONTAINER ID   IMAGE           COMMAND                  CREATED          STATUS          PORTS                                         NAMES
1ddbe01eaf9b   mipo-test_app   "docker-php-entrypoi…"   32 seconds ago   Up 30 seconds   0.0.0.0:8888->80/tcp, :::8888->80/tcp         mipo-test_app_1
99740e8fddf5   mysql:5.5       "docker-entrypoint.s…"   3 hours ago      Up 31 seconds   0.0.0.0:13307->3306/tcp, :::13307->3306/tcp   mipo-test_mysql_1
avraham@avraham-IdeaPad-L3-15ITL6:/var/www/wz/davidson/mipo-test$

它在 Firefox 中可以通过 http://localhost:8888 运行

$ curl --verbose -L http://localhost:8888
*   Trying 127.0.0.1:8888...
* Connected to localhost (127.0.0.1) port 8888 (#0)
> GET / HTTP/1.1
> Host: localhost:8888
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Date: Wed, 14 Dec 2022 17:46:14 GMT
< Server: Apache/2.4.25 (Debian)
< X-Powered-By: PHP/5.6.40
< Location: /dashboard/
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
< 
* Connection #0 to host localhost left intact
* Issue another request to this URL: 'http://localhost:8888/dashboard/'
* Found bundle for host localhost: 0x55c35fc40ff0 [serially]
* Can not multiplex, even if we wanted to!
* Re-using existing connection! (#0) with host localhost
* Connected to localhost (127.0.0.1) port 8888 (#0)
> GET /dashboard/ HTTP/1.1
> Host: localhost:8888
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Date: Wed, 14 Dec 2022 17:46:14 GMT
< Server: Apache/2.4.25 (Debian)
< X-Powered-By: PHP/5.6.40
< Set-Cookie: PHPSESSID=ed04279896a644c270343c37abf8077f; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Set-Cookie: PHPSESSID=aff7d70cc34295026fb8d8b520fcc991; path=/
< Set-Cookie: dashboard_=a47300809cc366cc7f5283df983a40385c6009bda%3A4%3A%7Bi%3A0%3Bs%3A5%3A%22guest%22%3Bi%3A1%3Bs%3A5%3A%22guest%22%3Bi%3A2%3Bi%3A18000%3Bi%3A3%3Ba%3A8%3A%7Bs%3A2%3A%22id%22%3Bs%3A2%3A%2268%22%3Bs%3A9%3A%22user_role%22%3Bi%3A1%3Bs%3A9%3A%22user_name%22%3Bs%3A5%3A%22Guest%22%3Bs%3A9%3A%22user_type%22%3Bs%3A1%3A%224%22%3Bs%3A14%3A%22user_back_role%22%3Bs%3A2%3A%2210%22%3Bs%3A9%3A%22user_perm%22%3Bs%3A15%3A%2211_view%3B19_view%22%3Bs%3A17%3A%22user_modules_perm%22%3Ba%3A2%3A%7Bs%3A5%3A%22order%22%3Bs%3A4%3A%22view%22%3Bs%3A30%3A%22activity%2FroomOccupancyTimeline%22%3Bs%3A4%3A%22view%22%3B%7Ds%3A24%3A%22user_modules_perm_update%22%3Bi%3A1671039974%3B%7D%7D; expires=Wed, 14-Dec-2022 22:46:14 GMT; Max-Age=18000; path=/
< Location: http://localhost:8888/dashboard
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
< 
* Connection #0 to host localhost left intact
* Issue another request to this URL: 'http://localhost:8888/dashboard'
* Found bundle for host localhost: 0x55c35fc40ff0 [serially]
* Can not multiplex, even if we wanted to!
* Re-using existing connection! (#0) with host localhost
* Connected to localhost (127.0.0.1) port 8888 (#0)
> GET /dashboard HTTP/1.1
> Host: localhost:8888
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Date: Wed, 14 Dec 2022 17:46:14 GMT
< Server: Apache/2.4.25 (Debian)
< X-Powered-By: PHP/5.6.40
< Set-Cookie: PHPSESSID=507b0536633ef1583757985c1c21ce5d; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Set-Cookie: PHPSESSID=68fdffe47dd2b1740883bd77ce33387c; path=/
< Set-Cookie: dashboard_=67d9f27ff40a268e89c0fcd49b54fd85d7617751a%3A4%3A%7Bi%3A0%3Bs%3A5%3A%22guest%22%3Bi%3A1%3Bs%3A5%3A%22guest%22%3Bi%3A2%3Bi%3A18000%3Bi%3A3%3Ba%3A8%3A%7Bs%3A2%3A%22id%22%3Bs%3A2%3A%2268%22%3Bs%3A9%3A%22user_role%22%3Bi%3A1%3Bs%3A9%3A%22user_name%22%3Bs%3A5%3A%22Guest%22%3Bs%3A9%3A%22user_type%22%3Bs%3A1%3A%224%22%3Bs%3A14%3A%22user_back_role%22%3Bs%3A2%3A%2210%22%3Bs%3A9%3A%22user_perm%22%3Bs%3A15%3A%2211_view%3B19_view%22%3Bs%3A17%3A%22user_modules_perm%22%3Ba%3A2%3A%7Bs%3A5%3A%22order%22%3Bs%3A4%3A%22view%22%3Bs%3A30%3A%22activity%2FroomOccupancyTimeline%22%3Bs%3A4%3A%22view%22%3B%7Ds%3A24%3A%22user_modules_perm_update%22%3Bi%3A1671039975%3B%7D%7D; expires=Wed, 14-Dec-2022 22:46:15 GMT; Max-Age=18000; path=/
< Location: http://localhost:8888/dashboard
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8

.
.
.

* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Date: Wed, 14 Dec 2022 17:46:34 GMT
< Server: Apache/2.4.25 (Debian)
< X-Powered-By: PHP/5.6.40
< Set-Cookie: PHPSESSID=36045b9806a8f6e6af86439602540f6e; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Set-Cookie: PHPSESSID=e7b47ba2ccb26e557ff25ef0defd86e5; path=/
< Set-Cookie: dashboard_=7e42ce5af703a90da1fe0db91faf7de75e1fbb71a%3A4%3A%7Bi%3A0%3Bs%3A5%3A%22guest%22%3Bi%3A1%3Bs%3A5%3A%22guest%22%3Bi%3A2%3Bi%3A18000%3Bi%3A3%3Ba%3A8%3A%7Bs%3A2%3A%22id%22%3Bs%3A2%3A%2268%22%3Bs%3A9%3A%22user_role%22%3Bi%3A1%3Bs%3A9%3A%22user_name%22%3Bs%3A5%3A%22Guest%22%3Bs%3A9%3A%22user_type%22%3Bs%3A1%3A%224%22%3Bs%3A14%3A%22user_back_role%22%3Bs%3A2%3A%2210%22%3Bs%3A9%3A%22user_perm%22%3Bs%3A15%3A%2211_view%3B19_view%22%3Bs%3A17%3A%22user_modules_perm%22%3Ba%3A2%3A%7Bs%3A5%3A%22order%22%3Bs%3A4%3A%22view%22%3Bs%3A30%3A%22activity%2FroomOccupancyTimeline%22%3Bs%3A4%3A%22view%22%3B%7Ds%3A24%3A%22user_modules_perm_update%22%3Bi%3A1671039995%3B%7D%7D; expires=Wed, 14-Dec-2022 22:46:35 GMT; Max-Age=18000; path=/
< Location: http://localhost:8888/dashboard
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
< 
* Connection #0 to host localhost left intact
* Maximum (50) redirects followed
curl: (47) Maximum (50) redirects followed

我停止了这些容器。

第2步

在其他位置重新创建了相同的文件夹,设置了一些不同的 .env 变量、端口等,然后由

/var/www/wz/mipo-iqdesk-testing/davidson$ docker-compose up --build

然而这次在 Firefox 中打开时

http://localhost:8889/ => https://localhost:8889/ =>SSL_ERROR_RX_RECORD_TOO_LONG

我本来没有打算使用 SSL,相同的 apache vhost.conf 文件在步骤 1 中工作正常,但在其他位置却因 SSL 错误而失败。

$ curl --verbose -L http://localhost:8889
*   Trying 127.0.0.1:8889...
* Connected to localhost (127.0.0.1) port 8889 (#0)
> GET / HTTP/1.1
> Host: localhost:8889
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Wed, 14 Dec 2022 17:24:56 GMT
< Server: Apache/2.4.25 (Debian)
< Location: https://localhost:8889//
< Content-Length: 309
< Content-Type: text/html; charset=iso-8859-1
< 
* Ignoring the response-body
* Connection #0 to host localhost left intact
* Clear auth, redirects scheme from HTTP to https
* Issue another request to this URL: 'https://localhost:8889//'
* Found bundle for host localhost: 0x559b267feff0 [serially]
* Can not multiplex, even if we wanted to!
* Hostname localhost was found in DNS cache
*   Trying 127.0.0.1:8889...
* Connected to localhost (127.0.0.1) port 8889 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* (5454) (IN), , Unknown (72):
* error:0A00010B:SSL routines::wrong version number
* Closing connection 1
curl: (35) error:0A00010B:SSL routines::wrong version number

然后将 8889 更改为 18889,重建并强制 http://localhost:18889/ 为 https://localhost:18889/,出现同样的错误。

有任何想法吗?

相关内容