struggles with proxy


I’m still dealing with my nginx reverse proxy and xojo.

I set up a reverse proxy to deliver a webapp over a ordinary subdomains without displaying the port where the app is running. this is needed, because the firewalls of our customers block all internet traffic which is not served over port 80.

anyway, its working so far.

but now my problem:
because the communication is now delivered through the proxy, I get errors in the JS-Console:

[Error] Failed to load resource: the server responded with a status of 504 (HTTP/2.0 504) (push, line 0) ->

It seems, that the traffic under “7146F7FBB2D22EFAA0709E34B19418C71ADCA741” also needs to be delivered to the app.
But this string is random generated?! How can I send the push-data to the app?

Is there a server pro outside?

Thanks a lot!!!

That is the session identifier, so it’ll be a different string for each user.

I suspect your problem is that you’re trying to push secure info (https) over port 80 though. The web app isn’t going to handle that very well.

Are you routing the whole subdomain to the xojo app? The directory should not matter.

I redirect it over the nginx config like:

location / { proxy_pass http://[IP]:[port]; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Accel-Internal /internal-nginx-static-location; access_log off; }

[quote=339974:@Greg O’Lone]I suspect your problem is that you’re trying to push secure info (https) over port 80 though. The web app isn’t going to handle that very well.

Is this solvable?

Is it a stand alone app?

What about using launching the exe using

/path/to/webservice --maxports=0 --secureport=80 --certificate=/path/to/certificate

This forces the web service to only have a secure port. You’ll need to set up the certificate file properly with the correct Key / Certificate pair.



I start the app using this:

var/www/path/to/app/./APPNAME --secureport=[port] --maxsecuresockets=400

Port 80 I can’t use, because I have several apps running on this server (under speciffic subdomains - with the same behaviour)

The Cert is located next to the executable.

The Certificate doesn’t seems to be the problem. The App is running well. Just some pushes can’t be handled, so the error in the console occurs.

@Lars+Lehmann: Here’s how I’m using Nginx as a reverse proxy for standalone Xojo Web apps…

First, I start the app and have it listen on a specific port. For example:

appname --port=64009 &

The app is now listening on port 64009. You can choose whatever port you’d like, of course. Notice that the app is only listening for http requests. I’ll explain why in a moment.

Next, my Nginx configuration file is configured with these entries:

server {
	listen 80;
	return 301 https://$server_name$request_uri;

server {
	listen 443 ssl;
	ssl_certificate /path/to/your/certificate.crt;
	ssl_certificate_key /path/to/your/key.key;		
	location / {
		proxy_pass 64009;
		proxy_set_header Host $host;
		proxy_set_header X-Forwarded-For $remote_addr;
		proxy_pass_request_headers on;			

The first entry handles http requests (coming in on port 80) for the domain, and redirects them to https.

The second entry handles https requests (coming in on port 443). Notice that Nginx is handling SSL termination, not the Xojo Web app. Nginx passes requests internally to the app, and does so over http to the specific port that the app is listening on.

I hope this helps

Why aren’t you having nginx do ssl termination?

I’m not sure if I understand the question :smiley:

[quote=340106:@Tim Dietrich]Next, my Nginx configuration file is configured with these entries:

I think I’m not fully free in the configuration, because I use Plesk and there are some dependencies.

I also force http to be redirected to https.

Well, it’s possible to load the ssl certificate into nginx and have it serve the app as secure, but actually communicate with it as plain old http. It greatly simplifies things and makes the web app a little faster.