Docker cannot push image to private registry | received unexpected HTTP status: 200 OK - nginx-reverse-proxy

I have GitHub Runner and docker registry on my server and I'm trying to set up ci/cd for some applications.
Directly pushing to the container name with port works smoothly
docker pull alpine
docker tag alpine:latest docker-registry:5000/alpine:latest
docker login docker-registry:5000
Login Succeeded
docker push docker-registry:5000/alpine:latest
The push refers to repository [docker-registry:5000/alpine]
ded7a220bb05: Pushed
But I get an problem when I use the domain
docker pull alpine
docker tag alpine:latest registry.mydomain.com/alpine:latest
docker login registry.mydomain.com
Login Succeeded
docker push registry.mydomain.com/alpine:latest
The push refers to repository [registry.mydomain.com/alpine]
ded7a220bb05: Retrying in 1 second
received unexpected HTTP status: 200 OK
My docker containers
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
eab92ef5610b registry:2 "/entrypoint.sh /etc…" 22 seconds ago Up 21 seconds 5000/tcp docker-registry
bdd4f0886c19 nginx:1.20.2 "/docker-entrypoint.…" 3 months ago Up About an hour 0.0.0.0:80->80/tcp, :::80->80/tcp nginx-ingress
5e7e8e1b591e myoung34/github-runner:2.299.1-ubuntu-jammy "/entrypoint.sh ./bi…" 37 hours ago Up 27 minutes github-runner
My Nginx config
upstream registry {
server docker-registry:5000;
}
map $upstream_http_docker_distribution_api_version $docker_distribution_api_version {
'' 'registry/2.0';
}
server {
listen 443;
server_name registry.mydomain.com;
client_max_body_size 0;
chunked_transfer_encoding on;
location /v2/ {
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
return 404;
}
auth_basic "Registry Realm";
auth_basic_user_file /etc/nginx/conf.d/nginx.htpasswd;
add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;
proxy_pass http://registry;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; # default => $scheme | cloudflare => https
proxy_read_timeout 900;
}
}
Docker registry logs
time="2022-12-01T13:05:21.576274727Z" level=warning msg="No HTTP secret provided - generated random secret. This may cause problems with uploads if multiple registries are behind a load-balancer. To provide a shared secret, fill in http.secret in the configuration file or set the REGISTRY_HTTP_SECRET environment variable." go.version=go1.16.15 instance.id=9fae9ec3-fe4f-443e-b6b3-d472db92412a service=registry version="v2.8.1+unknown"
time="2022-12-01T13:05:21.576362865Z" level=info msg="redis not configured" go.version=go1.16.15 instance.id=9fae9ec3-fe4f-443e-b6b3-d472db92412a service=registry version="v2.8.1+unknown"
time="2022-12-01T13:05:21.576419048Z" level=info msg="Starting upload purge in 9m0s" go.version=go1.16.15 instance.id=9fae9ec3-fe4f-443e-b6b3-d472db92412a service=registry version="v2.8.1+unknown"
time="2022-12-01T13:05:21.588466586Z" level=info msg="using inmemory blob descriptor cache" go.version=go1.16.15 instance.id=9fae9ec3-fe4f-443e-b6b3-d472db92412a service=registry version="v2.8.1+unknown"
time="2022-12-01T13:05:21.588770043Z" level=info msg="listening on [::]:5000" go.version=go1.16.15 instance.id=9fae9ec3-fe4f-443e-b6b3-d472db92412a service=registry version="v2.8.1+unknown"
172.18.0.1 - - [01/Dec/2022:13:05:28 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:28.906573279Z" level=warning msg="error authorizing context: basic authentication challenge for realm "Registry Realm": invalid authorization credential" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=4d19514d-336c-4c1c-ad8a-91a8a4be1e0c http.request.method=GET http.request.remoteaddr="172.18.0.1:42346" http.request.uri="/v2/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
172.18.0.1 - - [01/Dec/2022:13:05:28 +0000] "GET /v2/ HTTP/1.1" 200 2 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:28.91635475Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=6f0cd72e-52dd-4408-812c-c770c1daeb4c http.request.method=GET http.request.remoteaddr="172.18.0.1:42348" http.request.uri="/v2/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:28.916428075Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=6f0cd72e-52dd-4408-812c-c770c1daeb4c http.request.method=GET http.request.remoteaddr="172.18.0.1:42348" http.request.uri="/v2/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.contenttype="application/json; charset=utf-8" http.response.duration=8.872969ms http.response.status=200 http.response.written=2
172.18.0.1 - - [01/Dec/2022:13:05:47 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:47.955166053Z" level=warning msg="error authorizing context: basic authentication challenge for realm "Registry Realm": invalid authorization credential" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=060b8ad8-027d-4e1f-aae8-853e694aa071 http.request.method=GET http.request.remoteaddr="172.18.0.1:42352" http.request.uri="/v2/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))"
time="2022-12-01T13:05:47.961400261Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=23ab1f44-c687-41a4-854c-88d5223f3c19 http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42354" http.request.uri="/v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.digest="sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" vars.name=alpine
time="2022-12-01T13:05:47.961616963Z" level=error msg="response completed with error" auth.user.name="docker_user" err.code="blob unknown" err.detail=sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715 err.message="blob unknown to registry" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=23ab1f44-c687-41a4-854c-88d5223f3c19 http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42354" http.request.uri="/v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.contenttype="application/json; charset=utf-8" http.response.duration=3.888659ms http.response.status=404 http.response.written=157 vars.digest="sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" vars.name=alpine
172.18.0.1 - - [01/Dec/2022:13:05:47 +0000] "HEAD /v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715 HTTP/1.1" 404 157 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:48.013676521Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=76e692cf-3fec-4739-ac68-dd7e785bc3c0 http.request.method=POST http.request.remoteaddr="172.18.0.1:42356" http.request.uri="/v2/alpine/blobs/uploads/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.name=alpine
time="2022-12-01T13:05:48.026046059Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=76e692cf-3fec-4739-ac68-dd7e785bc3c0 http.request.method=POST http.request.remoteaddr="172.18.0.1:42356" http.request.uri="/v2/alpine/blobs/uploads/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.duration=16.091457ms http.response.status=202 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:48 +0000] "POST /v2/alpine/blobs/uploads/ HTTP/1.1" 202 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:48.037049651Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=9d35eb65-a80e-43c7-bcad-42bcd0723ad1 http.request.method=PATCH http.request.remoteaddr="172.18.0.1:42358" http.request.uri="/v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=TRS7R1oNENXqtiEnnSLbJD3l9O9Pq9tEtZudktNkQQF7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4LjAxMzc0MDcxN1oifQ%3D%3D" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.name=alpine vars.uuid=cb21fc83-6e19-4c78-b5c0-badb0ff8fe04
time="2022-12-01T13:05:48.956206497Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=9d35eb65-a80e-43c7-bcad-42bcd0723ad1 http.request.method=PATCH http.request.remoteaddr="172.18.0.1:42358" http.request.uri="/v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=TRS7R1oNENXqtiEnnSLbJD3l9O9Pq9tEtZudktNkQQF7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4LjAxMzc0MDcxN1oifQ%3D%3D" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.duration=929.13763ms http.response.status=202 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:48 +0000] "PATCH /v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=TRS7R1oNENXqtiEnnSLbJD3l9O9Pq9tEtZudktNkQQF7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4LjAxMzc0MDcxN1oifQ%3D%3D HTTP/1.1" 202 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:48.960962747Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=b4955223-ae69-4d0f-8643-b70148b764fd http.request.method=PUT http.request.remoteaddr="172.18.0.1:42360" http.request.uri="/v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=NVqJ2JVvha-PdWnWeVonnGI1qxrWbyJiE3ECtgBK_v17Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjozMzcwNzA2LCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4WiJ9&digest=sha256%3Ac158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.name=alpine vars.uuid=cb21fc83-6e19-4c78-b5c0-badb0ff8fe04
time="2022-12-01T13:05:48.975845667Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=b4955223-ae69-4d0f-8643-b70148b764fd http.request.method=PUT http.request.remoteaddr="172.18.0.1:42360" http.request.uri="/v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=NVqJ2JVvha-PdWnWeVonnGI1qxrWbyJiE3ECtgBK_v17Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjozMzcwNzA2LCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4WiJ9&digest=sha256%3Ac158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.duration=18.779158ms http.response.status=201 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:48 +0000] "PUT /v2/alpine/blobs/uploads/cb21fc83-6e19-4c78-b5c0-badb0ff8fe04?_state=NVqJ2JVvha-PdWnWeVonnGI1qxrWbyJiE3ECtgBK_v17Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiY2IyMWZjODMtNmUxOS00Yzc4LWI1YzAtYmFkYjBmZjhmZTA0IiwiT2Zmc2V0IjozMzcwNzA2LCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ4WiJ9&digest=sha256%3Ac158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715 HTTP/1.1" 201 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:48.987290535Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=53c874f2-6f55-4cde-b5ca-596dda13583a http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42362" http.request.uri="/v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.digest="sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" vars.name=alpine
time="2022-12-01T13:05:48.987671994Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=53c874f2-6f55-4cde-b5ca-596dda13583a http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42362" http.request.uri="/v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.contenttype="application/octet-stream" http.response.duration=10.691772ms http.response.status=200 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:48 +0000] "HEAD /v2/alpine/blobs/sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715 HTTP/1.1" 200 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:48.99996587Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=867604cb-09cd-43f4-91b0-52ead32d664e http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42364" http.request.uri="/v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.digest="sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" vars.name=alpine
time="2022-12-01T13:05:49.000171622Z" level=error msg="response completed with error" auth.user.name="docker_user" err.code="blob unknown" err.detail=sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da err.message="blob unknown to registry" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=867604cb-09cd-43f4-91b0-52ead32d664e http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42364" http.request.uri="/v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.contenttype="application/json; charset=utf-8" http.response.duration=4.875849ms http.response.status=404 http.response.written=157 vars.digest="sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" vars.name=alpine
172.18.0.1 - - [01/Dec/2022:13:05:48 +0000] "HEAD /v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da HTTP/1.1" 404 157 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:49.009848946Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=7e29e9ea-0864-44e2-bc75-732d246af8a9 http.request.method=POST http.request.remoteaddr="172.18.0.1:42366" http.request.uri="/v2/alpine/blobs/uploads/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.name=alpine
172.18.0.1 - - [01/Dec/2022:13:05:49 +0000] "POST /v2/alpine/blobs/uploads/ HTTP/1.1" 202 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:49.022631954Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=7e29e9ea-0864-44e2-bc75-732d246af8a9 http.request.method=POST http.request.remoteaddr="172.18.0.1:42366" http.request.uri="/v2/alpine/blobs/uploads/" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.duration=21.407075ms http.response.status=202 http.response.written=0
time="2022-12-01T13:05:49.032911791Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=abab2c41-40ee-4c76-8456-3b30b62061af http.request.method=PATCH http.request.remoteaddr="172.18.0.1:42370" http.request.uri="/v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=E8EC15n0xy4YiaxJAynDeAl0SaoKMX0tvtbqakyT13R7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5LjAwOTk2MjU3WiJ9" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.name=alpine vars.uuid=32b60b00-82d6-4003-a470-7502f715be61
172.18.0.1 - - [01/Dec/2022:13:05:49 +0000] "PATCH /v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=E8EC15n0xy4YiaxJAynDeAl0SaoKMX0tvtbqakyT13R7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5LjAwOTk2MjU3WiJ9 HTTP/1.1" 202 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:49.046509563Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=abab2c41-40ee-4c76-8456-3b30b62061af http.request.method=PATCH http.request.remoteaddr="172.18.0.1:42370" http.request.uri="/v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=E8EC15n0xy4YiaxJAynDeAl0SaoKMX0tvtbqakyT13R7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjowLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5LjAwOTk2MjU3WiJ9" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.duration=22.857284ms http.response.status=202 http.response.written=0
time="2022-12-01T13:05:49.052387956Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=8d17d425-4b89-4597-9314-1f2c35e1afdb http.request.method=PUT http.request.remoteaddr="172.18.0.1:42372" http.request.uri="/v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=uN8teJhzBMwlrLnstzPV492DSwZgwtADfHJWpqUsGpx7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjoxNDcyLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5WiJ9&digest=sha256%3A49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.name=alpine vars.uuid=32b60b00-82d6-4003-a470-7502f715be61
time="2022-12-01T13:05:49.067768248Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=8d17d425-4b89-4597-9314-1f2c35e1afdb http.request.method=PUT http.request.remoteaddr="172.18.0.1:42372" http.request.uri="/v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=uN8teJhzBMwlrLnstzPV492DSwZgwtADfHJWpqUsGpx7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjoxNDcyLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5WiJ9&digest=sha256%3A49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.duration=20.176783ms http.response.status=201 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:49 +0000] "PUT /v2/alpine/blobs/uploads/32b60b00-82d6-4003-a470-7502f715be61?_state=uN8teJhzBMwlrLnstzPV492DSwZgwtADfHJWpqUsGpx7Ik5hbWUiOiJhbHBpbmUiLCJVVUlEIjoiMzJiNjBiMDAtODJkNi00MDAzLWE0NzAtNzUwMmY3MTViZTYxIiwiT2Zmc2V0IjoxNDcyLCJTdGFydGVkQXQiOiIyMDIyLTEyLTAxVDEzOjA1OjQ5WiJ9&digest=sha256%3A49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da HTTP/1.1" 201 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:49.073531198Z" level=info msg="authorized request" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=d77e1f84-f55d-4917-bc8c-aceb4606c23e http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42374" http.request.uri="/v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.digest="sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" vars.name=alpine
172.18.0.1 - - [01/Dec/2022:13:05:49 +0000] "HEAD /v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da HTTP/1.1" 200 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
time="2022-12-01T13:05:49.073748384Z" level=info msg="response completed" go.version=go1.16.15 http.request.host="docker-registry:5000" http.request.id=d77e1f84-f55d-4917-bc8c-aceb4606c23e http.request.method=HEAD http.request.remoteaddr="172.18.0.1:42374" http.request.uri="/v2/alpine/blobs/sha256:49176f190c7e9cdb51ac85ab6c6d5e4512352218190cd69b08e6fd803ffbf3da" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.contenttype="application/octet-stream" http.response.duration=4.891873ms http.response.status=200 http.response.written=0
time="2022-12-01T13:05:49.081141753Z" level=info msg="authorized request" go.version=go1.16.15 http.request.contenttype="application/vnd.docker.distribution.manifest.v2+json" http.request.host="docker-registry:5000" http.request.id=b2329d48-38dd-471c-8691-6b08c1eb7ec5 http.request.method=PUT http.request.remoteaddr="172.18.0.1:42376" http.request.uri="/v2/alpine/manifests/latest" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" vars.name=alpine vars.reference=latest
time="2022-12-01T13:05:49.102368205Z" level=info msg="response completed" go.version=go1.16.15 http.request.contenttype="application/vnd.docker.distribution.manifest.v2+json" http.request.host="docker-registry:5000" http.request.id=b2329d48-38dd-471c-8691-6b08c1eb7ec5 http.request.method=PUT http.request.remoteaddr="172.18.0.1:42376" http.request.uri="/v2/alpine/manifests/latest" http.request.useragent="docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \(linux\))" http.response.duration=27.598063ms http.response.status=201 http.response.written=0
172.18.0.1 - - [01/Dec/2022:13:05:49 +0000] "PUT /v2/alpine/manifests/latest HTTP/1.1" 201 0 "" "docker/20.10.17 go/go1.17.11 git-commit/a89b842 kernel/5.15.0-46-generic os/linux arch/amd64 UpstreamClient(Docker-Client/20.10.17 \\(linux\\))"
Cloudflare is used for SSL. It automatically redirects to 443


From the comments:
Is your proxy configuration dropping the /v2 from the requests to the backend?
Yes, it does
That's an issue. The /v2 is part of the API. I believe the following will include the /v2 in the proxied requests:
proxy_pass http://registry/v2/;


I solved the problem
One of the main problems was that I was only listening to requests from port 443. This was wrong because my Cloudflare's encryption mode was "Flexible". In this mode, all connections between Cloudflare and your origin are made through HTTP
I changed 443 to 80, location, and the value of "proxy_set_header X-Forwarded-Proto" with "https", problem solved ))
server {
listen 80;
....
....
location / {
....
proxy_set_header X-Forwarded-Proto https;
....
}
}

Related

authenticate against sonatype ossindex with maven plugin

I am using the mvn org.sonatype.ossindex.maven:ossindex-maven-plugin from command line to check the dependencies of a maven project for CVEs. Locally, everything works fine, but in my build pipeline in Azure Devops, I get the following error:
[DEBUG] Connecting to ossindex.sonatype.org/18.118.116.156:443
[DEBUG] Connecting socket to ossindex.sonatype.org/18.118.116.156:443 with timeout 0
[DEBUG] Enabled protocols: [TLSv1.3, TLSv1.2]
[DEBUG] Enabled cipher suites:[TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
[DEBUG] Starting handshake
[DEBUG] Secure session established
[DEBUG] negotiated protocol: TLSv1.2
[DEBUG] negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[DEBUG] peer principal: CN=ossindex.sonatype.org
[DEBUG] peer alternative names: [ossindex.sonatype.org]
[DEBUG] issuer principal: CN=Amazon, OU=Server CA 1B, O=Amazon, C=US
[DEBUG] Connection established 172.21.1.242:33030<->18.118.116.156:443
[DEBUG] Executing request POST /api/v3/component-report HTTP/1.1
[DEBUG] Proxy auth state: UNCHALLENGED
[DEBUG] http-outgoing-2 >> POST /api/v3/component-report HTTP/1.1
[DEBUG] http-outgoing-2 >> User-Agent: ossindex-client/1.1.1 (Linux; 5.4.0-124-generic; amd64; 11.0.12) Maven/3.8.1 Maven-Plugin/3.1.0
[DEBUG] http-outgoing-2 >> Authorization: Basic {SOME_BASE_64_THAT_TRANSLATES_TO:AzureDevOps:ey...}
[DEBUG] http-outgoing-2 >> Accept: application/vnd.ossindex.component-report.v1+json
[DEBUG] http-outgoing-2 >> Content-Length: 6737
[DEBUG] http-outgoing-2 >> Content-Type: application/vnd.ossindex.component-report-request.v1+json; charset=UTF-8
[DEBUG] http-outgoing-2 >> Host: ossindex.sonatype.org
[DEBUG] http-outgoing-2 >> Connection: Keep-Alive
[DEBUG] http-outgoing-2 >> Accept-Encoding: gzip,deflate
[DEBUG] http-outgoing-2 >> "POST /api/v3/component-report HTTP/1.1[\r][\n]"
[DEBUG] http-outgoing-2 >> "User-Agent: ossindex-client/1.1.1 (Linux; 5.4.0-124-generic; amd64; 11.0.12) Maven/3.8.1 Maven-Plugin/3.1.0[\r][\n]"
[DEBUG] http-outgoing-2 >> "Authorization: Basic {SOME_OTHER_BASE64_NO_IDEA_WHERE_IT_COMES_FROM=[\r][\n]"
[DEBUG] http-outgoing-2 >> "Accept: application/vnd.ossindex.component-report.v1+json[\r][\n]"
[DEBUG] http-outgoing-2 >> "Content-Length: 6737[\r][\n]"
[DEBUG] http-outgoing-2 >> "Content-Type: application/vnd.ossindex.component-report-request.v1+json; charset=UTF-8[\r][\n]"
[DEBUG] http-outgoing-2 >> "Host: ossindex.sonatype.org[\r][\n]"
[DEBUG] http-outgoing-2 >> "Connection: Keep-Alive[\r][\n]"
[DEBUG] http-outgoing-2 >> "Accept-Encoding: gzip,deflate[\r][\n]"
[DEBUG] http-outgoing-2 >> "[\r][\n]"
[DEBUG] http-outgoing-2 >> "{"coordinates":[ A_LIST_OF_128_COORDINATES]
[DEBUG] http-outgoing-2 << "HTTP/1.1 401 Unauthorized[\r][\n]"
[DEBUG] http-outgoing-2 << "Date: Wed, 07 Dec 2022 13:51:42 GMT[\r][\n]"
[DEBUG] http-outgoing-2 << "Content-Length: 0[\r][\n]"
[DEBUG] http-outgoing-2 << "Connection: keep-alive[\r][\n]"
so I tried setting the clientConfiguration parameter described here.
it has a dead link but I believe it references this class which has this class as a member.
mvn org.sonatype.ossindex.maven:ossindex-maven-plugin:3.1.0:audit -f $(Build.SourcesDirectory)/pom.xml -"Dossindex.authId=MY_SERVER" -"Dossindex.clientConfiguration={\"auth\": {\"username\": \"myemail#myorg.com\", \"password\": \"$(OSS_INDEX_API_TOKEN)\"} }"
but it didn't change anything.
Is this how one passes this parameter? Why am I getting a 401 in my build pipeline but everything works locally? I tried reading the docs on what requests are allowed/authorized but found them rather lacking...

Login with Selenium + Chrome driver + Browsermob Proxy only works if I add another proxy -> why?

I have the code below to initialise a setup of Selenium + Chrome driver + Browsermob Proxy to login to a certain website.
If I just use the setup above, the login fails with HTTP 403. However, if I had another Proxy (Selenium + Chrome driver + Browsermob Proxy + e.g. Fiddler Everywhere, see lines after "to pass requests from proxy server to Fiddler Everywhere") and force the requests from Browsermob Proxy to be proxied by Fiddler Everywhere, then the login works well.
Can anyone provide me a hint on how to debug and/or clear this problem?
I have investigated the headers between all legs:
"Via: 1.1 browsermobproxy" is being added by Browsermob but I replayed a login request after removing "Via" header from Browsermob, and did not have any effect.
BrowserMob is removing "Connection:keep-alive". Could this be the cause (or hint at the cause) ?
I also checked:
The body of the request is not changed across the full chain.
HTTP protocol version does not change across the full chain (HTTP/1.1).
Here is a detailed log of the request without Fiddler:
POST /api/sts/v2/oauth/auth?client_request_id=34634696-b122-40de-b144-ab812a4b3784 HTTP/1.1
Host: www.example.com
Connection: keep-alive
Content-Length: 147
AccountType: Real
X-STS-ClientTime: 2020-08-27T18:10:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36
X-STS-AppDomain: https://www.example.com
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
X-STS-GatewayAppId: 90631448-9A01-4860-9FA5-B4EBCDE5EA1D
ApplicationIdentifier: Rexample
ApplicationVersion: 268.0.1
X-DEVICE-ID: 77f281a4-7914-4417-b144-4811998c3e5b
Origin: https://www.example.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.example.com/login
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: __cfduid=d722b1913f887e5df9b0c740ccef4744a1598548223; exampleLocale=en-gb; TS01047baf=01f1b32d7e1354b9f541c1bab1a81960be72277a638bce5a4865b5b1d5b2e0a9cfddddbcba0d21185b68a7d599391e972d5f065031; __cflb=02DiuEAg8LPSYevHEYiyx9rnANkoz3ETfpNySVtv8fQVr; TMIS2=9a74f2a90237486aab4dcb9d44dec14a0520aaf521b9e87e81f271264e25038c2919d29ee219162aa2ad6bdb68fbe78a86ce282ef510aa77456a3876e4e790d3fdbb0ca31af4d206c67f7b9b5fda93e11b80782ed9095c6a7d8766b4642a69785e7ba9d0a86cd98f3b42c2172a8821bbe6906b6fafc8178f0d742271591193; __cf_bm=50d03de4ce1301af67fa03c59387373fba4d8b3e-1598548241-1800-AZ39AzpjNXxDQ+qFhgfI0OYbMauZ3vXOA1MUejwqJsfE3kOEmEVmKXtsstKg5vZZ5ie/d3yHbgzM8RzzLqqSQEVnd5Vy+l06FUm5Z90kFf54ffUqgq+ywM4EOcGhdP22aetxTezQvFieWgfScPvH0SzqDmFpvrmZJmRuLvnywgcLX14Ys9uA2tMCLWSlDesiQA==; mp_dbbd7bd9566da85f012f7ca5d8c6c944_mixpanel=%7B%22distinct_id%22%3A%20%2217430e66d1679d-015c94d6c30eda-31647304-fa000-17430e66d17591%22%2C%22%24device_id%22%3A%20%2217430e66d1679d-015c94d6c30eda-31647304-fa000-17430e66d17591%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.706805090.1598548242; G_ENABLED_IDPS=google; _uetsid=5c779e7394432399f739848297b9a350; _uetvid=d421e48c4acc1f88b81573014b4fa429; _fbp=fb.1.1598548244752.1489311425; __adal_ses=*; __adal_id=c4b052ee-96b4-4643-b30e-af4af0f7460d.1598548246.1.1598548246.1598548246.2a5a85bd-5415-4275-942c-e02a8048acc2; __adal_ca=so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29; __adal_cw=1598548245533; _ga=GA1.2.436171435.1598548249; _gid=GA1.2.1493657885.1598548249; _gat=1; _gat_UA-2056847-65=1
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ClientToProxyConnection.java:183) - (AWAITING_INITIAL) [id: 0x367d8cd0, L:/[0:0:0:0:0:0:0:1]:64108 - R:/[0:0:0:0:0:0:0:1]:64132]: Received raw request: DefaultHttpRequest(decodeResult: success, version: HTTP/1.1)
POST /api/sts/v2/oauth/auth?client_request_id=34634696-b122-40de-b144-ab812a4b3784 HTTP/1.1
Host: www.example.com
Connection: keep-alive
Content-Length: 147
AccountType: Real
X-STS-ClientTime: 2020-08-27T18:10:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36
X-STS-AppDomain: https://www.example.com
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
X-STS-GatewayAppId: 90631448-9A01-4860-9FA5-B4EBCDE5EA1D
ApplicationIdentifier: Rexample
ApplicationVersion: 268.0.1
X-DEVICE-ID: 77f281a4-7914-4417-b144-4811998c3e5b
Origin: https://www.example.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.example.com/login
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: __cfduid=d722b1913f887e5df9b0c740ccef4744a1598548223; exampleLocale=en-gb; TS01047baf=01f1b32d7e1354b9f541c1bab1a81960be72277a638bce5a4865b5b1d5b2e0a9cfddddbcba0d21185b68a7d599391e972d5f065031; __cflb=02DiuEAg8LPSYevHEYiyx9rnANkoz3ETfpNySVtv8fQVr; TMIS2=9a74f2a90237486aab4dcb9d44dec14a0520aaf521b9e87e81f271264e25038c2919d29ee219162aa2ad6bdb68fbe78a86ce282ef510aa77456a3876e4e790d3fdbb0ca31af4d206c67f7b9b5fda93e11b80782ed9095c6a7d8766b4642a69785e7ba9d0a86cd98f3b42c2172a8821bbe6906b6fafc8178f0d742271591193; __cf_bm=50d03de4ce1301af67fa03c59387373fba4d8b3e-1598548241-1800-AZ39AzpjNXxDQ+qFhgfI0OYbMauZ3vXOA1MUejwqJsfE3kOEmEVmKXtsstKg5vZZ5ie/d3yHbgzM8RzzLqqSQEVnd5Vy+l06FUm5Z90kFf54ffUqgq+ywM4EOcGhdP22aetxTezQvFieWgfScPvH0SzqDmFpvrmZJmRuLvnywgcLX14Ys9uA2tMCLWSlDesiQA==; mp_dbbd7bd9566da85f012f7ca5d8c6c944_mixpanel=%7B%22distinct_id%22%3A%20%2217430e66d1679d-015c94d6c30eda-31647304-fa000-17430e66d17591%22%2C%22%24device_id%22%3A%20%2217430e66d1679d-015c94d6c30eda-31647304-fa000-17430e66d17591%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.706805090.1598548242; G_ENABLED_IDPS=google; _uetsid=5c779e7394432399f739848297b9a350; _uetvid=d421e48c4acc1f88b81573014b4fa429; _fbp=fb.1.1598548244752.1489311425; __adal_ses=*; __adal_id=c4b052ee-96b4-4643-b30e-af4af0f7460d.1598548246.1.1598548246.1598548246.2a5a85bd-5415-4275-942c-e02a8048acc2; __adal_ca=so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29; __adal_cw=1598548245533; _ga=GA1.2.436171435.1598548249; _gid=GA1.2.1493657885.1598548249; _gat=1; _gat_UA-2056847-65=1
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ClientToProxyConnection.java:269) - (AWAITING_INITIAL) [id: 0x367d8cd0, L:/[0:0:0:0:0:0:0:1]:64108 - R:/[0:0:0:0:0:0:0:1]:64132]: Ensuring that hostAndPort are available in /api/sts/v2/oauth/auth?client_request_id=34634696-b122-40de-b144-ab812a4b3784
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ClientToProxyConnection.java:281) - (AWAITING_INITIAL) [id: 0x367d8cd0, L:/[0:0:0:0:0:0:0:1]:64108 - R:/[0:0:0:0:0:0:0:1]:64132]: Finding ProxyToServerConnection for: www.example.com
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ClientToProxyConnection.java:331) - (AWAITING_INITIAL) [id: 0x367d8cd0, L:/[0:0:0:0:0:0:0:1]:64108 - R:/[0:0:0:0:0:0:0:1]:64132]: Reusing existing server connection: org.littleshoot.proxy.impl.ProxyToServerConnection#7c392fd2
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ClientToProxyConnection.java:1084) - (AWAITING_INITIAL) [id: 0x367d8cd0, L:/[0:0:0:0:0:0:0:1]:64108 - R:/[0:0:0:0:0:0:0:1]:64132]: Modifying request for proxy chaining
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ClientToProxyConnection.java:1088) - (AWAITING_INITIAL) [id: 0x367d8cd0, L:/[0:0:0:0:0:0:0:1]:64108 - R:/[0:0:0:0:0:0:0:1]:64132]: Stripped host from uri: /api/sts/v2/oauth/auth?client_request_id=34634696-b122-40de-b144-ab812a4b3784 yielding: /api/sts/v2/oauth/auth?client_request_id=34634696-b122-40de-b144-ab812a4b3784
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ClientToProxyConnection.java:1093) - (AWAITING_INITIAL) [id: 0x367d8cd0, L:/[0:0:0:0:0:0:0:1]:64108 - R:/[0:0:0:0:0:0:0:1]:64132]: Modifying request headers for proxying
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ClientToProxyConnection.java:350) - (AWAITING_INITIAL) [id: 0x367d8cd0, L:/[0:0:0:0:0:0:0:1]:64108 - R:/[0:0:0:0:0:0:0:1]:64132]: Writing request to ProxyToServerConnection
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyToServerConnection.java:316) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Requested write of DefaultHttpRequest(decodeResult: success, version: HTTP/1.1)
POST /api/sts/v2/oauth/auth?client_request_id=34634696-b122-40de-b144-ab812a4b3784 HTTP/1.1
Host: www.example.com
Content-Length: 147
AccountType: Real
X-STS-ClientTime: 2020-08-27T18:10:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36
X-STS-AppDomain: https://www.example.com
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
X-STS-GatewayAppId: 90631448-9A01-4860-9FA5-B4EBCDE5EA1D
ApplicationIdentifier: Rexample
ApplicationVersion: 268.0.1
X-DEVICE-ID: 77f281a4-7914-4417-b144-4811998c3e5b
Origin: https://www.example.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.example.com/login
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: __cfduid=d722b1913f887e5df9b0c740ccef4744a1598548223; exampleLocale=en-gb; TS01047baf=01f1b32d7e1354b9f541c1bab1a81960be72277a638bce5a4865b5b1d5b2e0a9cfddddbcba0d21185b68a7d599391e972d5f065031; __cflb=02DiuEAg8LPSYevHEYiyx9rnANkoz3ETfpNySVtv8fQVr; TMIS2=9a74f2a90237486aab4dcb9d44dec14a0520aaf521b9e87e81f271264e25038c2919d29ee219162aa2ad6bdb68fbe78a86ce282ef510aa77456a3876e4e790d3fdbb0ca31af4d206c67f7b9b5fda93e11b80782ed9095c6a7d8766b4642a69785e7ba9d0a86cd98f3b42c2172a8821bbe6906b6fafc8178f0d742271591193; __cf_bm=50d03de4ce1301af67fa03c59387373fba4d8b3e-1598548241-1800-AZ39AzpjNXxDQ+qFhgfI0OYbMauZ3vXOA1MUejwqJsfE3kOEmEVmKXtsstKg5vZZ5ie/d3yHbgzM8RzzLqqSQEVnd5Vy+l06FUm5Z90kFf54ffUqgq+ywM4EOcGhdP22aetxTezQvFieWgfScPvH0SzqDmFpvrmZJmRuLvnywgcLX14Ys9uA2tMCLWSlDesiQA==; mp_dbbd7bd9566da85f012f7ca5d8c6c944_mixpanel=%7B%22distinct_id%22%3A%20%2217430e66d1679d-015c94d6c30eda-31647304-fa000-17430e66d17591%22%2C%22%24device_id%22%3A%20%2217430e66d1679d-015c94d6c30eda-31647304-fa000-17430e66d17591%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.706805090.1598548242; G_ENABLED_IDPS=google; _uetsid=5c779e7394432399f739848297b9a350; _uetvid=d421e48c4acc1f88b81573014b4fa429; _fbp=fb.1.1598548244752.1489311425; __adal_ses=*; __adal_id=c4b052ee-96b4-4643-b30e-af4af0f7460d.1598548246.1.1598548246.1598548246.2a5a85bd-5415-4275-942c-e02a8048acc2; __adal_ca=so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29; __adal_cw=1598548245533; _ga=GA1.2.436171435.1598548249; _gid=GA1.2.1493657885.1598548249; _gat=1; _gat_UA-2056847-65=1
Accept-Encoding: gzip, deflate, br
Via: 1.1 browsermobproxy
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyToServerConnection.java:348) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Using existing connection to: www.example.com/104.18.19.67:443
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyConnection.java:228) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Writing: DefaultHttpRequest(decodeResult: success, version: HTTP/1.1)
POST /api/sts/v2/oauth/auth?client_request_id=34634696-b122-40de-b144-ab812a4b3784 HTTP/1.1
Host: www.example.com
Content-Length: 147
AccountType: Real
X-STS-ClientTime: 2020-08-27T18:10:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36
X-STS-AppDomain: https://www.example.com
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
X-STS-GatewayAppId: 90631448-9A01-4860-9FA5-B4EBCDE5EA1D
ApplicationIdentifier: Rexample
ApplicationVersion: 268.0.1
X-DEVICE-ID: 77f281a4-7914-4417-b144-4811998c3e5b
Origin: https://www.example.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.example.com/login
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: __cfduid=d722b1913f887e5df9b0c740ccef4744a1598548223; exampleLocale=en-gb; TS01047baf=01f1b32d7e1354b9f541c1bab1a81960be72277a638bce5a4865b5b1d5b2e0a9cfddddbcba0d21185b68a7d599391e972d5f065031; __cflb=02DiuEAg8LPSYevHEYiyx9rnANkoz3ETfpNySVtv8fQVr; TMIS2=9a74f2a90237486aab4dcb9d44dec14a0520aaf521b9e87e81f271264e25038c2919d29ee219162aa2ad6bdb68fbe78a86ce282ef510aa77456a3876e4e790d3fdbb0ca31af4d206c67f7b9b5fda93e11b80782ed9095c6a7d8766b4642a69785e7ba9d0a86cd98f3b42c2172a8821bbe6906b6fafc8178f0d742271591193; __cf_bm=50d03de4ce1301af67fa03c59387373fba4d8b3e-1598548241-1800-AZ39AzpjNXxDQ+qFhgfI0OYbMauZ3vXOA1MUejwqJsfE3kOEmEVmKXtsstKg5vZZ5ie/d3yHbgzM8RzzLqqSQEVnd5Vy+l06FUm5Z90kFf54ffUqgq+ywM4EOcGhdP22aetxTezQvFieWgfScPvH0SzqDmFpvrmZJmRuLvnywgcLX14Ys9uA2tMCLWSlDesiQA==; mp_dbbd7bd9566da85f012f7ca5d8c6c944_mixpanel=%7B%22distinct_id%22%3A%20%2217430e66d1679d-015c94d6c30eda-31647304-fa000-17430e66d17591%22%2C%22%24device_id%22%3A%20%2217430e66d1679d-015c94d6c30eda-31647304-fa000-17430e66d17591%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.706805090.1598548242; G_ENABLED_IDPS=google; _uetsid=5c779e7394432399f739848297b9a350; _uetvid=d421e48c4acc1f88b81573014b4fa429; _fbp=fb.1.1598548244752.1489311425; __adal_ses=*; __adal_id=c4b052ee-96b4-4643-b30e-af4af0f7460d.1598548246.1.1598548246.1598548246.2a5a85bd-5415-4275-942c-e02a8048acc2; __adal_ca=so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29; __adal_cw=1598548245533; _ga=GA1.2.436171435.1598548249; _gid=GA1.2.1493657885.1598548249; _gat=1; _gat_UA-2056847-65=1
Accept-Encoding: gzip, deflate, br
Via: 1.1 browsermobproxy
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyConnection.java:237) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Wrote: DefaultHttpRequest(decodeResult: success, version: HTTP/1.1)
POST /api/sts/v2/oauth/auth?client_request_id=34634696-b122-40de-b144-ab812a4b3784 HTTP/1.1
Host: www.example.com
Content-Length: 147
AccountType: Real
X-STS-ClientTime: 2020-08-27T18:10:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36
X-STS-AppDomain: https://www.example.com
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
X-STS-GatewayAppId: 90631448-9A01-4860-9FA5-B4EBCDE5EA1D
ApplicationIdentifier: Rexample
ApplicationVersion: 268.0.1
X-DEVICE-ID: 77f281a4-7914-4417-b144-4811998c3e5b
Origin: https://www.example.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.example.com/login
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: __cfduid=d722b1913f887e5df9b0c740ccef4744a1598548223; exampleLocale=en-gb; TS01047baf=01f1b32d7e1354b9f541c1bab1a81960be72277a638bce5a4865b5b1d5b2e0a9cfddddbcba0d21185b68a7d599391e972d5f065031; __cflb=02DiuEAg8LPSYevHEYiyx9rnANkoz3ETfpNySVtv8fQVr; TMIS2=9a74f2a90237486aab4dcb9d44dec14a0520aaf521b9e87e81f271264e25038c2919d29ee219162aa2ad6bdb68fbe78a86ce282ef510aa77456a3876e4e790d3fdbb0ca31af4d206c67f7b9b5fda93e11b80782ed9095c6a7d8766b4642a69785e7ba9d0a86cd98f3b42c2172a8821bbe6906b6fafc8178f0d742271591193; __cf_bm=50d03de4ce1301af67fa03c59387373fba4d8b3e-1598548241-1800-AZ39AzpjNXxDQ+qFhgfI0OYbMauZ3vXOA1MUejwqJsfE3kOEmEVmKXtsstKg5vZZ5ie/d3yHbgzM8RzzLqqSQEVnd5Vy+l06FUm5Z90kFf54ffUqgq+ywM4EOcGhdP22aetxTezQvFieWgfScPvH0SzqDmFpvrmZJmRuLvnywgcLX14Ys9uA2tMCLWSlDesiQA==; mp_dbbd7bd9566da85f012f7ca5d8c6c944_mixpanel=%7B%22distinct_id%22%3A%20%2217430e66d1679d-015c94d6c30eda-31647304-fa000-17430e66d17591%22%2C%22%24device_id%22%3A%20%2217430e66d1679d-015c94d6c30eda-31647304-fa000-17430e66d17591%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.706805090.1598548242; G_ENABLED_IDPS=google; _uetsid=5c779e7394432399f739848297b9a350; _uetvid=d421e48c4acc1f88b81573014b4fa429; _fbp=fb.1.1598548244752.1489311425; __adal_ses=*; __adal_id=c4b052ee-96b4-4643-b30e-af4af0f7460d.1598548246.1.1598548246.1598548246.2a5a85bd-5415-4275-942c-e02a8048acc2; __adal_ca=so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29; __adal_cw=1598548245533; _ga=GA1.2.436171435.1598548249; _gid=GA1.2.1493657885.1598548249; _gat=1; _gat_UA-2056847-65=1
Accept-Encoding: gzip, deflate, br
Via: 1.1 browsermobproxy
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyConnection.java:111) - (AWAITING_CHUNK) [id: 0x367d8cd0, L:/[0:0:0:0:0:0:0:1]:64108 - R:/[0:0:0:0:0:0:0:1]:64132]: Reading: DefaultLastHttpContent(data: SlicedAbstractByteBuf(ridx: 0, widx: 147, cap: 147/147, unwrapped: UnpooledByteBufAllocator$InstrumentedUnpooledUnsafeNoCleanerDirectByteBuf(ridx: 147, widx: 147, cap: 176)), decoderResult: success)
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyToServerConnection.java:316) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Requested write of DefaultLastHttpContent(data: SlicedAbstractByteBuf(ridx: 0, widx: 147, cap: 147/147, unwrapped: UnpooledByteBufAllocator$InstrumentedUnpooledUnsafeNoCleanerDirectByteBuf(ridx: 147, widx: 147, cap: 176)), decoderResult: success)
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyToServerConnection.java:319) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Retaining reference counted message
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyToServerConnection.java:348) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Using existing connection to: www.example.com/104.18.19.67:443
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyConnection.java:228) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Writing: DefaultLastHttpContent(data: SlicedAbstractByteBuf(ridx: 0, widx: 147, cap: 147/147, unwrapped: UnpooledByteBufAllocator$InstrumentedUnpooledUnsafeNoCleanerDirectByteBuf(ridx: 147, widx: 147, cap: 176)), decoderResult: success)
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyConnection.java:249) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Writing an empty buffer to signal the end of our chunked transfer
DEBUG [LittleProxy-0-ClientToProxyWorker-2] (ProxyConnection.java:237) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Wrote: DefaultLastHttpContent(data: SlicedAbstractByteBuf(ridx: 0, widx: 147, cap: 147/147, unwrapped: UnpooledByteBufAllocator$InstrumentedUnpooledUnsafeNoCleanerDirectByteBuf(ridx: 147, widx: 147, cap: 176)), decoderResult: success)
DEBUG [LittleProxy-0-ProxyToServerWorker-0] (ProxyConnection.java:111) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Reading: DefaultHttpResponse(decodeResult: success, version: HTTP/1.1)
HTTP/1.1 403 Forbidden
Date: Thu, 27 Aug 2020 17:10:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 04d27fab5700001bfece21f200000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 5c97688bbb9f1bfe-OSL
Content-Encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
DEBUG [LittleProxy-0-ProxyToServerWorker-0] (ProxyToServerConnection.java:220) - (AWAITING_INITIAL) [id: 0xba528f83, L:/172.20.10.2:64134 - R:www.example.com/104.18.19.67:443]: Received raw response: DefaultHttpResponse(decodeResult: success, version: HTTP/1.1)
Thank you!
System.setProperty("webdriver.chrome.driver", "/usr/local/bin/chromedriver");
System.setProperty("webdriver.chrome.silentOutput", "true");
System.setProperty("webdriver.chrome.verboseLogging", "false");
ChromeOptions options = new ChromeOptions();
// route Chrome requests to proxy server
proxy = new BrowserMobProxyServer();
// to pass requests from proxy server to Fiddler Everywhere
// InetSocketAddress inetsockaddr = new InetSocketAddress('localhost', 8866);
// proxy.setTrustAllServers(true);
// proxy.setChainedProxy(inetsockaddr);
// start proxy server
proxy.start(0);
Proxy seleniumProxy = ClientUtil.createSeleniumProxy(proxy);
seleniumProxy.setHttpProxy("localhost:"+ proxy.getPort());
seleniumProxy.setSslProxy("localhost:"+ proxy.getPort());
options.setCapability(CapabilityType.PROXY, seleniumProxy);
options.setCapability(CapabilityType.ACCEPT_SSL_CERTS, true);
options.setCapability (CapabilityType.ACCEPT_INSECURE_CERTS, true);
//options.addArguments("headless");
//options.addArguments("window-size=1200x600");
options.setExperimentalOption("excludeSwitches", Collections.singletonList("enable-automation"));
options.setExperimentalOption("useAutomationExtension", false);
options.addArguments("--disable-blink-features=AutomationControlled");
driver = new ChromeDriver(options);`

Solved this by replacing the JDK, from OpenJDK to Oracle

Pushing to secured docker registry gets 400 The plain HTTP request was sent to HTTPS port

I followed this link to create a dockerized proxy server for my registry.
I ran these commands:
htpasswd -c ~/my-registry.htpasswd USERNAME
mkdir ~/certs
docker run --rm -e COMMON_NAME=hostName -e KEY_NAME=my-registry -v ~/certs:/certs centurylink/openssl
docker run -d --expose=5000 --name=registry registry:2
docker run -d -p 8080:8080 -e PUBLIC_IP_ADDR=hostName --link registry:registry -v ~/certs/my-registry.crt:/etc/ssl/certs/docker-registry -v ~/certs/my-registry.key:/etc/ssl/private/docker-registry -v ~/my-registry.htpasswd:/etc/nginx/docker-registry.htpasswd centurylinklabs/nginx-ssl-proxy
I then opened the https://hostName:8080/v2/ in my browser, exported the certificate, and installed the crt file on my windows client, and also saved a copy to C:\ProgramData\Docker\certs.d\hostName8080\ca.crt
The login to registry is completely successful, but when I run
docker push hostName:8080/base
The following response is returned:
90c0b5c927ee: Pushing [==================================================>] 316.4kB
48a81194835d: Pushing [==================================================>] 2.048kB
024e3f43ffc2: Pushing [==================================================>] 8.382MB/8.382MB
error parsing HTTP 400 response body: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.7.9</center>\r\n</body>\r\n</html>\r\n"
And the image isn't uploaded.
This is the docker logs of the push:
"GET /v2/ HTTP/1.1" 401 194 "-" "docker/17.12.0-ce go/go1.9.2 git-commit/c97c6d6 kernel/4.9.60-linuxkit-aufs os/linux arch/amd64 UpstreamClient(Docker-Client/17.12.0-ce \x5C(windows\x5C))" "-"
"POST /v2/base/blobs/uploads/ HTTP/1.1" 202 0 "-" "docker/17.12.0-ce go/go1.9.2 git-commit/c97c6d6 kernel/4.9.60-linuxkit-aufs os/linux arch/amd64 UpstreamClient(Docker-Client/17.12.0-ce \x5C(windows\x5C))" "-"
"POST /v2/base/blobs/uploads/ HTTP/1.1" 202 0 "-" "docker/17.12.0-ce go/go1.9.2 git-commit/c97c6d6 kernel/4.9.60-linuxkit-aufs os/linux arch/amd64 UpstreamClient(Docker-Client/17.12.0-ce \x5C(windows\x5C))" "-"
"POST /v2/base/blobs/uploads/ HTTP/1.1" 202 0 "-" "docker/17.12.0-ce go/go1.9.2 git-commit/c97c6d6 kernel/4.9.60-linuxkit-aufs os/linux arch/amd64 UpstreamClient(Docker-Client/17.12.0-ce \x5C(windows\x5C))" "-"
"PATCH /v2/base/blobs/uploads/65e201c4-66b9-4723-a074-7fdcc8535665?_state=H4ygF8XuJkl24AWQeN19_7fgpAiyDeNlWnwbmPdZ8Tl7Ik5hbWUiOiJiYXNlIiwiVVVJRCI6IjY1ZTIwMWM0LTY2YjktNDcyMy1hMDc0LTdmZGNjODUzNTY2NSIsIk9mZnNldCI6MCwiU3RhcnRlZEF0IjoiMjAxOC0wMS0yMVQwNTo1MToxNy4yMzg0OTIwMjZaIn0%3D HTTP/1.1" 400 270 "-" "docker/17.12.0-ce go/go1.9.2 git-commit/c97c6d6 kernel/4.9.60-linuxkit-aufs os/linux arch/amd64 UpstreamClient(Docker-Client/17.12.0-ce \x5C(windows\x5C))" "-"
"PATCH /v2/base/blobs/uploads/a431532f-a2dc-4ac4-aea3-67b62594a57e?_state=D2FM5ALYWtMF1xotyibSEmHyAH6pdJJXWXZFpqWR2hl7Ik5hbWUiOiJiYXNlIiwiVVVJRCI6ImE0MzE1MzJmLWEyZGMtNGFjNC1hZWEzLTY3YjYyNTk0YTU3ZSIsIk9mZnNldCI6MCwiU3RhcnRlZEF0IjoiMjAxOC0wMS0yMVQwNTo1MToxNy4yMjk5ODQwNDNaIn0%3D HTTP/1.1" 400 270 "-" "docker/17.12.0-ce go/go1.9.2 git-commit/c97c6d6 kernel/4.9.60-linuxkit-aufs os/linux arch/amd64 UpstreamClient(Docker-Client/17.12.0-ce \x5C(windows\x5C))" "-"
"PATCH /v2/base/blobs/uploads/7868c561-5524-4c32-8d2a-c2121e54fb00?_state=i4KyRqAo_LI3S6ED7j9sC7EQbLwAWpXLnWXlQuPf2yR7Ik5hbWUiOiJiYXNlIiwiVVVJRCI6Ijc4NjhjNTYxLTU1MjQtNGMzMi04ZDJhLWMyMTIxZTU0ZmIwMCIsIk9mZnNldCI6MCwiU3RhcnRlZEF0IjoiMjAxOC0wMS0yMVQwNTo1MToxNy4yMjk0ODIyMjZaIn0%3D HTTP/1.1" 400 270 "-" "docker/17.12.0-ce go/go1.9.2 git-commit/c97c6d6 kernel/4.9.60-linuxkit-aufs os/linux arch/amd64 UpstreamClient(Docker-Client/17.12.0-ce \x5C(windows\x5C))" "-"

odoo interface not correctly displaying after installing nightly package on windows

for one of my projects I needed to deploy the POS module on one of my client's computer, so I followed the following link for the Packaged installers on a windows system.
https://www.odoo.com/documentation/10.0/setup/install.html#setup-install-packaged
after the installation, when i tried to open odoo on localhost:8069 it would not give any error but would show the interface of the odoo imroperly, maybe the css or less files were not correctly loaded, i installed lessc but it did not solve my problem. my browser has javascript enable but still the interface is not correctly loaded
so if anyone help me regarding this, would appreciate it.
here are the last lines of the log file:
2017-01-18 16:57:41,072 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 16:57:41] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 16:58:31,105 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 16:58:31] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 16:59:19,237 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 16:59:19] "POST /calendar/notify HTTP/1.1" 200 -
2017-01-18 16:59:21,144 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 16:59:21] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:00:11,176 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:00:11] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:01:01,223 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:01:01] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:01:51,285 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:01:51] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:02:41,329 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:02:41] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:03:31,361 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:03:31] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:04:04,611 4768 INFO testdb openerp.addons.base.ir.ir_autovacuum: GC'd 0 user log entries
2017-01-18 17:04:19,220 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:04:19] "POST /calendar/notify HTTP/1.1" 200 -
2017-01-18 17:04:21,392 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:04:21] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:05:11,437 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:05:11] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:06:01,469 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:06:01] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:06:51,500 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:06:51] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:07:41,546 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:07:41] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:08:31,579 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:08:31] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:09:19,377 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:09:19] "POST /calendar/notify HTTP/1.1" 200 -
2017-01-18 17:09:21,627 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:09:21] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:10:11,657 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:10:11] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:11:01,704 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:11:01] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:11:51,790 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:11:51] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:12:41,979 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:12:41] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:13:32,026 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:13:32] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:14:19,224 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:14:19] "POST /calendar/notify HTTP/1.1" 200 -
2017-01-18 17:14:22,069 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:14:22] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:15:12,099 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:15:12] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:16:02,147 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:16:02] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:16:52,194 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:16:52] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:17:42,233 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:17:42] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:18:19,141 4768 INFO test_odoo openerp.addons.base.ir.ir_autovacuum: GC'd 0 user log entries
2017-01-18 17:18:32,266 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:18:32] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:19:19,234 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:19:19] "POST /calendar/notify HTTP/1.1" 200 -
2017-01-18 17:19:22,312 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:19:22] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:20:12,351 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:20:12] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:20:12,351 4768 ERROR test_odoo openerp.service.server: Exception happened during processing of request from ('127.0.0.1', 63941)
Traceback (most recent call last):
File "SocketServer.pyc", line 593, in process_request_thread
File "SocketServer.pyc", line 334, in finish_request
File "SocketServer.pyc", line 651, in init
File "SocketServer.pyc", line 710, in finish
File "socket.pyc", line 279, in close
File "socket.pyc", line 303, in flush
error: [Errno 10053] An established connection was aborted by the software in your host machine
2017-01-18 17:20:49,263 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:20:49] "POST /longpolling/poll HTTP/1.1" 200 -
2017-01-18 17:21:39,305 4768 INFO test_odoo werkzeug: 127.0.0.1 - - [18/Jan/2017 17:21:39] "POST /longpolling/poll HTTP/1.1" 200 -

nginx / sails / SSL - receiving 200 OK before file upload complete

When I enable SSL on NGINX, and I upload a file larger than 7MB, the file upload does not complete. This works fine if I remove NGINX and just put the SSL directly onto sails. I get the following from the debug file as if I am receiving a status 200 before the file is complete:
2017/01/24 12:25:16 [debug] 2645#2645: *5 sendfile: 1899007 of 54230479 #4670513
2017/01/24 12:25:16 [debug] 2645#2645: *5 chain writer out: 0000564D9740D5D0
2017/01/24 12:25:16 [debug] 2645#2645: *5 event timer: 14, old: 1485260776372, new: 1485260776465
2017/01/24 12:25:16 [debug] 2645#2645: *5 http upstream request: "/api/v1/project/56cd9e2aeabf5be95d6e9b35/report/?"
2017/01/24 12:25:16 [debug] 2645#2645: *5 http upstream process header
2017/01/24 12:25:16 [debug] 2645#2645: *5 malloc: 0000564D9740F870:4096
2017/01/24 12:25:16 [debug] 2645#2645: *5 recv: eof:0, avail:1
2017/01/24 12:25:16 [debug] 2645#2645: *5 recv: fd:14 413 of 4096
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy status 200 "200 OK"
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "Vary: X-HTTP-Method-Override"
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "X-Powered-By: Sails <sailsjs.org>"
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "Access-Control-Allow-Origin: "
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "Access-Control-Allow-Credentials: "
2017/01/24 12:25:16 [debug] 2645#2645: *5 posix_memalign: 0000564D97410880:4096 #16
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "Access-Control-Allow-Methods: "
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "Access-Control-Allow-Headers: "
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "Access-Control-Expose-Headers: "
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "Content-Type: application/json; charset=utf-8"
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "Content-Length: 94"
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "ETag: W/"5e-dbzI0uHc1qmLjPTL2hIz3A""
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "Date: Tue, 24 Jan 2017 12:25:16 GMT"
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header: "Connection: keep-alive"
2017/01/24 12:25:16 [debug] 2645#2645: *5 http proxy header done
2017/01/24 12:25:16 [debug] 2645#2645: *5 xslt filter header
2017/01/24 12:25:16 [debug] 2645#2645: *5 HTTP/1.1 200 OK^M
Server: nginx/1.11.8^M
Date: Tue, 24 Jan 2017 12:25:16 GMT^M
Content-Type: application/json; charset=utf-8^M
Content-Length: 94^M
Connection: keep-alive^M
Vary: X-HTTP-Method-Override^M
X-Powered-By: Sails <sailsjs.org>^M
Access-Control-Allow-Origin: ^M
Access-Control-Allow-Credentials: ^M
Access-Control-Allow-Methods: ^M
Access-Control-Allow-Headers: ^M
Access-Control-Expose-Headers: ^M
ETag: W/"5e-dbzI0uHc1qmLjPTL2hIz3A"^M
Below is my nginx.conf file:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
}
http {
sendfile on;
send_timeout 60s;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 60s;
client_max_body_size 0;
client_body_buffer_size 32K;
ssl_dhparam /ssl/dhparam.pem;
client_body_in_file_only clean;
client_body_in_single_buffer on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
include /etc/nginx/sites-enabled/*;
}
Here is my sites-available\default file:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mysite.co.uk;
client_max_body_size 0;
client_body_buffer_size 32K;
location / {
client_body_temp_path /tmp/;
client_max_body_size 0;
client_body_buffer_size 32K;
keepalive_timeout 60s;
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
ssl_certificate /ssl/mykey.pem;
ssl_certificate_key /ssl/mykey.key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:128m;
ssl_session_tickets off;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA$
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8;
}
Any ideas?