Configure Apache to avoid cross domain call with Dart - apache

I'm trying to configure Apache using mod_proxy to develop a Dart web app locally, but I can't seem to get it set up correctly.
In my httpd.conf I've enabled the following lines:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
Include conf/extra/httpd-vhosts.conf
In httpd-vhosts.conf I tried to set up what I needed, but it doesn't seem to be working. I've got a spring web app I'm running from Eclipse with Jetty. So that is on http://localhost:8080. Then I run Dart from the Dart Editor, and it ends up being on 127.0.0.1:3030 (although the total path of a request like "login" is: http://127.0.0.1:3030/C:/Users/CorayThan/dart/BlightedRealmUi/web/out/login).
Either way, I'm trying to get apache to redirect my requests from 127.0.0.1:3030 to localhost:8080. I've tried to do that like this in httpd-vhosts.conf:
<VirtualHost *:80>
ServerAdmin test#localhost
ServerName 127.0.0.1:3030
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
ErrorLog "logs/proxy-error.log"
</VirtualHost>
But it doesn't seem to be working at all. Can anyone suggest how I can fix it, or suggest a better way to do this in the first place? (I don't want to use CORS or Jsonp, I just want an easy cross-browser compatible hack for development.)

I'm not sure you can do this, your VHost would have to listen on 3030, not 80 as you have above to perform the proxy function which it can't do as Dart is using this port, below is an extract from a Vhost file I use to proxy from Dartium to a CouchDb server to allow a browser based couchdb client access using CORS, this may not be what you want though :-
<VirtualHost *:8080>
<Proxy http://141.196.22.210:5984>
Order deny,allow
Allow from all
</Proxy>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^OPTIONS
Header set Access-Control-Allow-Origin http://127.0.0.1:3030
Header set Access-Control-Allow-Credentials true
Header set Access-Control-Allow-Headers Content-Type
Header merge Access-Control-Allow-Headers Authorization
Header merge Access-Control-Allow-Headers Destination
Header set Access-Control-Allow-Methods GET
Header merge Access-Control-Allow-Methods POST
Header merge Access-Control-Allow-Methods PUT
Header merge Access-Control-Allow-Methods OPTIONS
Header merge Access-Control-Allow-Methods DELETE
Header merge Access-Control-Allow-Methods HEAD
Header merge Access-Control-Allow-Methods COPY
Header set Access-Control-Max-Age 3600
ProxyRequests off
ProxyPreserveHost Off
KeepAlive Off
ProxyPass / http://141.196.22.210:5984/ nocanon
ProxyPassReverse / http://141.196.22.210:5984/
</VirtualHost>
So, when my client app logs in to Couch it uses 141.196.22.210:8080.

I had the same problem and I solved it by creating a virtual host with a proxy for both tomcat and for the dart application. Roughly, here is my virtual host:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName dartapp
<Location "/tomcat-application-context/">
ProxyPass "http://localhost:8080/tomcat-application-context/"
ProxyPassReverse "http://localhost:8080/tomcat-application-context/"
</Location>
<Location "/dart/">
ProxyPass "http://127.0.0.1:3030/"
ProxyPassReverse "http://127.0.0.1:3030"
</location>
</VirtualHost>
Normally when you "Run in Dartium" you'll access the app with the full path to your dart app:
http://127.0.0.1:3030/full/path/to/web/app.html
Instead, access your apache virtual host with your /full/path/to/web/app.html prefixed with your proxy location (i.e. /dart/full/path/to/web/app.html):
http://dartapp:80/dart/full/path/to/web/app.html

Related

Apache mod-proxy modify header as Forward Proxy

i'm using apache server as proxy in order to add some custom headers to the request forwarded to a website on the internet. I want apache like a man in the middle. The browser send a request, apache receives it, it add some headers and then apache forward the request to the original request endpoint.
Instead of:
browser ---> website
I want:
browser --> apache add headers --> website
How can i achieve my goal in the simplest way?
I tried as forward proxy but the header is not added
<VirtualHost *:*>
ProxyRequests On
ProxyVia On
<Proxy *>
Require all granted
</Proxy>
Header set header "headerValue"
RequestHeader set header2 "header2value"
</VirtualHost>
then i tried as reverse proxy but the website couldn't load some static resource 'cause the Host header was overrided with the proxy Host.
<VirtualHost _default_:82>
ProxyPreserveHost Off
ProxyRequests Off
ProxyVia On
ProxyTimeout 300
<Proxy *>
Allow from all
</Proxy>
ProxyPass /something/something/ http://externalwebsite.com/something/something/
ProxyPassReverse /something/something/ http://externalwebsite.com/something/something/
</VirtualHost>
RequestHeader set header2 "header2value"
Can you help me pls?
Thank you very much

Reverse proxy in Apache + CentOS for HTTPS requests to PostgREST webserver

I would like to make https requests to my postgREST webserver, which by design doesn't support https. I spend several days now I don't know any further...
My setup
My server is running on CentOS 7.9.2009
I have a website domain that uses Wordpress to serve my content in home/myuser/public_html
I setup PostgREST 7.0.1 on my server which runs on port 3000
I am running Apache/2.4.51 (cPanel)
My Problem
The following request works just fine: http://my-domain.com:3000/my_db_table
I would like to run the same request like: https://my-domain.com/api/my_db_table
My Apache configuration is in an "includes" file, seems to be loaded (as errors occur when I put wrong syntax intentionally in this file) and it looks like this:
<VirtualHost *:443>
DocumentRoot /
ServerName my-domain.com
ServerAlias my-domain
ErrorLog /home/myuser/public_html/api/error.log
CustomLog /home/myuser/public_html/api/access.log combined
SSLEngine on
SSLUseStapling off
SSLCertificateFile /etc/ssl/certs/server.my-domain.com.crt
SSLCertificateKeyFile /etc/ssl/private/server.my-domain.com.key
<Location /api/ >
ProxyPreserveHost On
ProxyPass http://localhost:3000/
ProxyPassReverse http://localhost:3000/
RequestHeader set X-Forwarded-Port "443"
RequestHeader set X-Forwarded-Proto "https"
</Location>
</VirtualHost>
running httpd -t returns Syntax OK
after my changes I run sudo systemctl restart httpd
when I then try to do a request like curl -i https://my-domain.com/api/my_db_table I am redirected to the 404 page of my Wordpress website
the error.log file of my apache config does not include any errors (it included errors for stapling which I resolved by adding the line SSLUseStapling off in my config)
I don't know what to do anymore. And because I don't have any error logs I even don't know how to start debugging it. I would be happy for any hint somebody could provide me.
I have successfully use https with postgrest and the following settings in the virtuahost section but I didn't use the tag.
ProxyHTMLEnable On
ProxyPreserveHost On
SSLEngine on
SSLProxyEngine On
RewriteEngine on
#Proxy for postgrest api
ProxyPassMatch "/api/(.*)" "http://localhost:3000/$1"
ProxyPassReverse "/api/" "http://localhost:3000/"

Apache load-balancer: direct to specific application based on URL

I have multiple applications deployed in Tomcat's webapps folder (app1.0, app1.1, app1.2 etc.). When I hit www.example.com:8080/app1.0, the corresponding application appears.
But how to do it on the load-balancing server? For instance, I have a website on which I can click a button (app1.0, app1.1, app1.2 etc.) and an URL pops up like: www.lb.com/app1.0/.../... How to direct to the app based on application version in URL? Use RewriteCond and regex and pass it to ProxyPass? I don't really how to script it, anyone could help? :)
Edit: This is what I done for the 2 apps for 1 Tomcat and 2 apps for 2 Tomcat, but I got 404 sometimes because the Tomcat that has another version has been chosen by the load-balancer.
<VirtualHost *:80>
#Add a http header to explicitly identify the node and be sticky
Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
#Declare the http server pool
<Proxy "balancer://plf">
BalancerMember "http://worker1.com:8080" route=worker1
BalancerMember "http://worker2.com:8080" route=worker2
ProxySet stickysession=ROUTEID
ProxySet lbmethod=bybusyness
</Proxy>
#Common options
ProxyRequests Off
ProxyPreserveHost On
#Declare the redirection for the http requests
ProxyPassMatch "/app(.*)" "balancer://plf/app$1"
ProxyPassReverse "/app(.*)" "balancer://plf/app$1"
This is how I did it:
1) define a balancer proxy:
<Proxy balancer://portalcluster stickysession=JSESSIONID>
BalancerMember ajp://TOMCATSERVER1:8009 route=TOMCARSERVER1-0
BalancerMember ajp://TOMCATSERVER2:8009 route=TOMCATSERVER2-100
</Proxy>
2) proxy to it in your VirtualHost:
Listen 443
<Virtualhost *:443>
ServerName example.com
Alias /static /var/www/portalstatic
ProxyPass /static !
ProxyPass / balancer://portalcluster/
ProxyPassReverse / balancer://portalcluster/
</Virtualhost>
NB I removed a lot of configuration from these, that are not related to the question (logs, deny clauses, certificate directives, ...). This is just to illustrate the way I did the proxy.
NB2 I did leave the /static trick since this is usually something you will want to do. Static files must stay on the HTTP, and not send them from Tomcat all the time.

Apache No 'Access-Control-Allow-Origin' header

I tried to search between old questions but i didn't find how to figure out my issue
I have a LF site; all works pretty good; when i go on http://localhost:8080/ i have no problem and no error is shown on firebug and/or chrome console
I configured then, an Apache HTTP Server. All seems to me correct but when i try the URL http://localhost I see my site but some resources are not loaded. In chrome console (but also in firebug) I get the following error:
2(index):1 Font from origin 'http://localhost:8080' has been blocked
from loading by Cross-Origin Resource Sharing policy: No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://localhost' is therefore not allowed access.
I don't know how to figure out this issue. It seems to me an Apache configuration mistake.
This is my virtual host configuration:
<VirtualHost *:80>
#CORS
<Directory "/var/www/">
AllowOverride All
Order allow,deny
allow from all
</Directory>
# Always set these headers.
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
# Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
ProxyPass /c http://localhost:8080/c
ProxyPassReverse /c http://localhost:8080/c
ProxyPass /si http://localhost:8080/si
ProxyPassReverse /si http://localhost:8080/si
ProxyPass /image http://localhost:8080/image
ProxyPassReverse /image http://localhost:8080/image
ProxyPass /documents http://localhost:8080/documents
ProxyPassReverse /documents http://localhost:8080/documents
ProxyPass /html http://localhost:8080/html
ProxyPassReverse /html http://localhost:8080/html
ProxyPass /sprite http://localhost:8080/sprite
ProxyPassReverse /sprite http://localhost:8080/sprite
ProxyPass /combo http://localhost:8080/combo
ProxyPassReverse /combo http://localhost:8080/combo
ProxyPass / http://localhost:8080/web/mySimpleLog
ProxyPassReverse / http://localhost:8080/web/mySimpleLog
ErrorLog logs/mySimpleLog-error_log
CustomLog logs/mySimpleLog-access_log common
</VirtualHost>
It seems to me all correct... is there any other option i should put?
Do you have any idea where I'm wrong?
Thank you
Angelo
You're setting your CORS headers only on port 80, but the cross-origin part is from port 80 to port 8080 -- you should move the Header set ... outside of virtual host context or duplicate it in your 8080 vhost.

apache2 mod_headers not working

Question Description: I want to set my site "Access-Control-Allow-Origin", so I set it in apache's config (almost anywhere), but it's not working. I also set other headers for testing, but it's still not working too.
Apache version: 2.2.22
Apache modules: http://www.anwcl.com/test/show_modules.php
My target url:
http://www.anwcl.com/test/test_only_div.html
And it's linked to my local file:
e:\wamp\www\test\test_only_div.html
And here's my apache's configurations:
E:\wamp\bin\apache\apache2.2.22\conf\httpd.conf
...
LoadModule headers_module modules/mod_headers.so
...
Include conf/extra/httpd-vhosts.conf
...
E:\wamp\bin\apache\apache2.2.22\conf\extra\httpd-vhosts.conf
NameVirtualHost *:80
<VirtualHost *:80>
Header add Access-Control-Allow-Origin "*"
Header echo ^TS
Header add MyHeader "Hello Joe. It took %D microseconds for Apache to serve this request."
ServerAdmin xxx#gmail.com
DocumentRoot "E:/wamp/www/"
ServerName www.anwcl.com
ErrorLog "logs/xxx.log"
CustomLog "logs/xxx.log" common
<Directory "E:/wamp/www/">
Header add Access-Control-Allow-Origin "*"
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
E:\wamp\www\.htaccess
Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
E:\wamp\www\test\.htaccess
Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
And here's Wireshark's caps, there are no expected headers :
http://www.anwcl.com/question/apache-mod-headers-not-working.jpg
http://www.anwcl.com/question/apache-mod-headers-not-working-304.jpg
I also ran into this issue and fixed it when I realized I was modifying the wrong Virtual-host in my config file found here: /etc/apache2/sites-enabled/000-default.conf.
I was modifying the default VirtualHost config when I was using one with a different port.
<VirtualHost *:6000>
Header set Access-Control-Allow-Origin "*"
</VirtualHost>
I also ran into the error Dylan Maxey described and got around it by disabling the cache in the browser inspector:
Here is also a link to a site I found helpful:
https://enable-cors.org/server_apache.html
Check output of php_info() to see if mod_headers is loaded from your apache webserver.
The changes could have possibly taken place and you aren't seeing the changes within your browser. This is especially typical if you're serving static files like the images you're trying to alter the headers of.
You can even have chrome disable cache while viewing the page with the Javascript console open and still not see the changes take effect.
What you'll want to look for is the response code. If it's a 304, the server has recognized that your browser already has a valid representation of the requested file, and will serve that file. If it does, you will not see the headers you've added after your browser initially downloaded that page.
To see if this is the case, change the url to http://myexample.com/myimage.jpg?t=1, or any other random query parameter and see if that works.
For my case, adding the Header set "key" "value" did not work. I had to use RequestHeader set "key" "value" for the ProxyPass to send the header.
<VirtualHost *:443>
ServerName myserver.com
ServerAlias www.myserver.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8081/
ProxyPassReverse / http://127.0.0.1:8081/
RequestHeader set "X-Forwarded-Proto" "https"
#
# Setup SSL
#
# SSLProxyEngine on
SSLEngine on
SSLCertificateFile location-to-certificate.crt
SSLCertificateKeyFile location-to-private.key
SSLCertificateChainFile location-to-ca_bundle.crt
</VirtualHost>