Nginx + Passenger running a RoR app is returning 401 when 302 is expected
Posted
by
DBruns
on Server Fault
See other posts from Server Fault
or by DBruns
Published on 2011-01-14T20:26:59Z
Indexed on
2011/01/14
20:55 UTC
Read the original article
Hit count: 268
I've got a RoR app running on Passenger on top of Nginx. I'm using devise for my authentication method and have a link that gets sent in an email to users that requires authentication to view.
If a user clicks the link from Outlook, and IE is the default browser, IE makes an HTTP request using the following headers:
GET http://www.company.com/custom_layouts/108 HTTP/1.1
Accept: */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: www.company.com
Returning:
HTTP/1.1 401 Unauthorized Content-Type: /; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Status: 401 X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.15 WWW-Authenticate: Basic realm="Application" Cache-Control: no-cache X-UA-Compatible: IE=Edge,chrome=1 Set-Cookie: _vxwer_session=[sessionstr]; path=/; HttpOnly X-Runtime: 0.011918 Server: nginx/0.7.67 + Phusion Passenger 2.2.15 (mod_rails/mod_rack)
31 You need to sign in or sign up before continuing. 0
When the exact same URL is typed into the address bar, it does this:
GET http://www.company.com/custom_layouts/108 HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: www.company.com
Returning:
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.15
Location: http://www.company.com/users/sign_in
Cache-Control: no-cache
X-UA-Compatible: IE=Edge,chrome=1
Set-Cookie: _xswer_session=[session_info_here]; path=/; HttpOnly
X-Runtime: 0.010798
Server: nginx/0.7.67 + Phusion Passenger 2.2.15 (mod_rails/mod_rack)
6f
<html><body>You are being <a href="http://www.company.com/users/sign_in">redirected</a>.</body></html>
0
I expect them to return the same thing regardless.
© Server Fault or respective owner