我在开发服务器上遇到了一个奇怪的问题。CentOS 6.5。如果我从 bash 脚本 curl 到“127.0.0.1”,我会收到 403 响应。它会尝试通过公司代理。详情如下。
如果我卷曲到“localhost” - 那就很好了。
为什么会发生这种情况以及如何防止它?
我想使用 127.0.0.1 作为更安全的选项(在某些生产服务器上可能未设置 localhost)。
curl 到 127.0.0.1 日志:
About to connect() to proxy 172.1.0.65 port 3128 (#0)
* Trying 172.11.0.63... connected
* Connected to 172.11.0.63 (172.11.0.63) port 3128 (#0)
* Establish HTTP proxy tunnel to 10.235.1.195:443
> CONNECT 10.235.1.195:443 HTTP/1.1
> Host: 10.235.1.195:443
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 403 Forbidden
curl 到本地主机日志:
* About to connect() to localhost port 443 (#0)
* Trying ::1... connected
* Connected to localhost (::1) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* SSL connection using TLS_DHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate:
* bla-bla-bla
> POST /link/to/page HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: localhost
> Accept: */*
> Content-Length: 43
> Content-Type: application/x-www-form-urlencoded
>
} [data not shown]
< HTTP/1.1 200 OK
< Date: Fri, 03 Aug 2018 14:50:40 GMT
< Server: Apache/2.2.15 (CentOS)
< X-Powered-By: PHP/5.3.3
猫/等/主机
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6