从客户端进行 API 调用时,非 https 请求被重定向到 302,甚至 https 请求也会转到 302

从客户端进行 API 调用时,非 https 请求被重定向到 302,甚至 https 请求也会转到 302

例如,API 客户端向服务器发出的任何请求均返回 302https://app.ardracloud.com/api/deviceconnect或者http://app.ardracloud.com/api/deviceconnect返回 302

server {
        listen 66.66.66.66:443 ssl;
        listen 443;
        listen [::]:443;

        server_name app.ardracloud.com;
        server_name www.app.ardracloud.com;
        server_name ipv4.app.ardracloud.com;


        ssl_certificate             /opt/psa/var/certificates/******;
        ssl_certificate_key         /opt/psa/var/certificates/******;

        client_max_body_size 134217728;

        access_log "/var/www/vhosts/system/app.ardracloud.com/logs/proxy_access_ssl_log";
        error_log "/var/www/vhosts/system/app.ardracloud.com/logs/proxy_error_log";

        root "/var/www/vhosts/ardracloud.com/app.ardracloud.com/public";
        #Error Handling

        error_page 497 https://$host:$server_port$request_uri;

        error_page 400 https://app.ardracloud.com:443$request_uri;



         location ^~ /.well-known/acme-challenge/ {
                root /var/www/vhosts/default/htdocs;

                types { }
                default_type text/plain;

                satisfy any;
                auth_basic off;
                allow all;

                location ~ ^/\.well-known/acme-challenge.*/\. {
                        deny all;
                }
        }
        #extension letsencrypt end

        location / {
                proxy_read_timeout 1200s;
                proxy_pass https://127.0.0.1:7081/;
                #proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                proxy_set_header X-Accel-Internal /internal-nginx-static-location;
                access_log off;
                proxy_set_header X-Forwarded-Server $host;
                proxy_set_header X-Forwarded-Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_http_version 1.1; proxy_redirect http://127.0.0.1:7081/ https://app.ardracloud.com/;


        }
        
                location ^~ /internal-nginx-static-location/ {
                alias /var/www/vhosts/ardracloud.com/app.ardracloud.com/public/;
                internal;
        }

        location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
                proxy_pass https://127.0.0.1:7081;
                proxy_hide_header upgrade;
                proxy_set_header Host             $host;
                proxy_set_header X-Real-IP        $remote_addr;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                proxy_set_header X-Accel-Internal /internal-nginx-static-location;
                access_log off;

        }



        disable_symlinks if_not_owner "from=/var/www/vhosts/ardracloud.com";

        add_header X-Powered-By PleskLin;

}

    map $upstream_http_location $redirect_uri {
            "~https://[^/]+/(?<location_uri>.*)$" "$location_uri";
    }

       upstream origin {
            server app.ardracloud.com;
     }

    server {
        listen 66.66.66.66:80;

        server_name app.ardracloud.com;
        server_name www.app.ardracloud.com;
        server_name ipv4.app.ardracloud.com;

        client_max_body_size 134217728;

        access_log "/var/www/vhosts/system/app.ardracloud.com/logs/proxy_access_log";
        error_log "/var/www/vhosts/system/app.ardracloud.com/logs/proxy_error_log";

        location / {
                return 301 https://$host$request_uri;

        }

        location /api {
             return 301 https://$host$request_uri;

        }
}   

@Richard Smit - Curl -I 响应

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 18 Feb 2024 10:39:57 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://app.ardracloud.com/

@Richard Smit - Curl -I 响应 HTTP/1.1 301 永久移动服务器:nginx 日期:2024 年 2 月 18 日星期日 10:39:57 GMT 内容类型:text/html 内容长度:162 连接:保持活动位置:https://app.ardracloud.com/

答案1

当我执行 curl -I -L 时,它给出 301

curl -ihttp://app.ardracloud.com/api/deviceconnect-L

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 19 Feb 2024 19:43:19 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://app.ardracloud.com/api/deviceconnect
HTTP/2 404
server: nginx
date: Mon, 19 Feb 2024 19:43:19 GMT
content-type: application/json
x-powered-by: PHP/8.2.15
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
access-control-allow-origin: *
{"success":false,"message":"Validation Error----.","data":"Please Fill Mandatory field"}

* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=app.ardracloud.com
*  start date: Feb 15 08:00:40 2024 GMT
*  expire date: May 15 08:00:39 2024 GMT
*  subjectAltName: host "app.ardracloud.com" matched cert's "app.ardracloud.com"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: GET]
* h2h3 [:path: /api/deviceconnect]
* h2h3 [:scheme: https]
* h2h3 [:authority: app.ardracloud.com]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x562b49732790)
> GET /api/deviceconnect HTTP/2
> Host: app.ardracloud.com
> user-agent: curl/7.88.1
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):

* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/2 404
< server: nginx
< date: Mon, 19 Feb 2024 19:52:54 GMT
< content-type: application/json
< x-powered-by: PHP/8.2.15
< cache-control: private, must-revalidate

< pragma:无缓存 < 过期时间:-1 < x-ratelimit-limit:300 < x-ratelimit-remaining:297 < 访问控制允许来源:*


你为什么还要听两遍

listen 66.66.66.66:443 ssl;
        listen 443;
        listen [::]:443;

http2 出现 404 错误,你可以试试

listen 443 ssl http2;
listen [::]:443 ssl http2;

相关内容