ʻO kahi ʻelele o kā mākou mea kūʻai aku, nona ka waihona noi e noho ana i ke ao mai Microsoft (Azure), i hoʻoponopono i kahi pilikia: i kēia manawa, ua hoʻomaka kekahi mau noi mai kekahi mau mea kūʻai mai ʻEulopa me ka hewa 400 (). Ua kākau ʻia nā noi āpau ma .NET, hoʻonoho ʻia ma Kubernetes...
ʻO kekahi o nā noi ʻo ka API, kahi e hele mai ai nā kaʻa a pau. Hoʻolohe ʻia kēia kaʻa e ka server HTTP , hoʻonohonoho ʻia e ka mea kūʻai aku .NET a mālama ʻia i loko o kahi pod. Me ka debugging, ua laki mākou ma ke ʻano he mea hoʻohana kikoʻī e hoʻopuka mau i ka pilikia. Eia naʻe, ua paʻakikī nā mea a pau e ke kaulahao kaʻa:
Ua like ka hewa ma Ingress penei:
{
"number_fields":{
"status":400,
"request_time":0.001,
"bytes_sent":465,
"upstream_response_time":0,
"upstream_retries":0,
"bytes_received":2328
},
"stream":"stdout",
"string_fields":{
"ingress":"app",
"protocol":"HTTP/1.1",
"request_id":"f9ab8540407208a119463975afda90bc",
"path":"/api/sign-in",
"nginx_upstream_status":"400",
"service":"app",
"namespace":"production",
"location":"/front",
"scheme":"https",
"method":"POST",
"nginx_upstream_response_time":"0.000",
"nginx_upstream_bytes_received":"120",
"vhost":"api.app.example.com",
"host":"api.app.example.com",
"user":"",
"address":"83.41.81.250",
"nginx_upstream_addr":"10.240.0.110:80",
"referrer":"https://api.app.example.com/auth/login?long_encrypted_header",
"service_port":"http",
"user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36",
"time":"2019-03-06T18:29:16+00:00",
"content_kind":"cache-headers-not-present",
"request_query":""
},
"timestamp":"2019-03-06 18:29:16",
"labels":{
"app":"nginx",
"pod-template-generation":"6",
"controller-revision-hash":"1682636041"
},
"namespace":"kube-nginx-ingress",
"nsec":6726612,
"source":"kubernetes",
"host":"k8s-node-55555-0",
"pod_name":"nginx-v2hcb",
"container_name":"nginx",
"boolean_fields":{}
}I ka manawa like, hāʻawi ʻo Kestrel:
HTTP/1.1 400 Bad Request
Connection: close
Date: Wed, 06 Mar 2019 12:34:20 GMT
Server: Kestrel
Content-Length: 0ʻOiai me ka ʻōlelo nui loa, ua nui ka hewa Kestrel ʻike pono liʻiliʻi:
{
"number_fields":{"ThreadId":76},
"stream":"stdout",
"string_fields":{
"EventId":"{"Id"=>17, "Name"=>"ConnectionBadRequest"}",
"SourceContext":"Microsoft.AspNetCore.Server.Kestrel",
"ConnectionId":"0HLL2VJSST5KV",
"@mt":"Connection id "{ConnectionId}" bad request data: "{message}"",
"@t":"2019-03-07T13:06:48.1449083Z",
"@x":"Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Malformed request: invalid headers.n at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.TryParseRequest(ReadResult result, Boolean& endConnection)n at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.<ProcessRequestsAsync>d__185`1.MoveNext()",
"message":"Malformed request: invalid headers."
},
"timestamp":"2019-03-07 13:06:48",
"labels":{
"pod-template-hash":"2368795483",
"service":"app"
},
"namespace":"production",
"nsec":145341848,
"source":"kubernetes",
"host":"k8s-node-55555-1",
"pod_name":"app-67bdcf98d7-mhktx",
"container_name":"app",
"boolean_fields":{}
}Me he mea lā ʻo tcpdump wale nō e kōkua i ka hoʻoponopono ʻana i kēia pilikia ... akā e haʻi hou wau e pili ana i ke kaulahao kaʻa:
Hoʻomaka
ʻIke loa, ʻoi aku ka maikaʻi o ka hoʻolohe ʻana i ke kaʻa ma kēlā puʻupuʻu kikoʻī, kahi i kau ai ʻo Kubernetes i kahi pod: ʻo ka nui o ka puʻupuʻu e hiki ke loaʻa i kahi mea wikiwiki loa. A ʻoiai, i ka nānā ʻana, ua ʻike ʻia ke kiʻi penei:
GET /back/user HTTP/1.1
Host: api.app.example.com
X-Request-ID: 27ceb14972da8c21a8f92904b3eff1e5
X-Real-IP: 83.41.81.250
X-Forwarded-For: 83.41.81.250
X-Forwarded-Host: api.app.example.com
X-Forwarded-Port: 443
X-Forwarded-Proto: https
X-Original-URI: /front/back/user
X-Scheme: https
X-Original-Forwarded-For: 83.41.81.250
X-Nginx-Geo-Client-Country: Spain
X-Nginx-Geo-Client-City: M.laga
Accept-Encoding: gzip
CF-IPCountry: ES
CF-RAY: 4b345cfd1c4ac691-MAD
CF-Visitor: {"scheme":"https"}
pragma: no-cache
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://app.example.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
referer: https://app.example.com/auth/login
accept-language: en-US,en;q=0.9,en-GB;q=0.8,pl;q=0.7
cookie: many_encrypted_cookies; .AspNetCore.Identity.Application=something_encrypted;
CF-Connecting-IP: 83.41.81.250
True-Client-IP: 83.41.81.250
CDN-Loop: cloudflare
HTTP/1.1 400 Bad Request
Connection: close
Date: Wed, 06 Mar 2019 12:34:20 GMT
Server: Kestrel
Content-Length: 0
Ma ka nānā pono ʻana i ka ʻōpala, ʻike ʻia ka ʻōlelo M.laga. He mea maʻalahi ke kuhi ʻaʻohe kūlanakauhale ʻo M.laga ma Sepania (akā aia ). I ka hopu ʻana i kēia manaʻo, nānā mākou i nā configs Ingress, kahi a mākou i ʻike ai i ka mea i hoʻokomo ʻia i hoʻokahi mahina i hala (ma ke noi a ka mea kūʻai aku) "pōʻino" ʻāpana:
ingress.kubernetes.io/configuration-snippet: |
proxy_set_header X-Nginx-Geo-Client-Country $geoip_country_name;
proxy_set_header X-Nginx-Geo-Client-City $geoip_city;Ma hope o ka hoʻopau ʻana i ka hoʻouna ʻana i kēia mau poʻo, ua maikaʻi nā mea a pau! (Ua ʻike koke ʻia ʻaʻole pono ka noi ponoʻī i kēia mau poʻo.)
I kēia manawa, e nānā kākou i ka pilikia ʻoi aku ka laulā. Hiki ke hana hou ia i loko o ka palapala noi ma ke noi ʻana i ka telnet iā localhost:80:
GET /back/user HTTP/1.1
Host: api.app.example.com
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://app.example.com
Cookie: test=Desiree
... hoʻi 401 Unauthorized, e like me ka mea i manaoia. He aha ka hana inā mākou e hana:
GET /back/user HTTP/1.1
Host: api.app.example.com
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://app.example.com
Cookie: test=Désirée?
E hoʻi mai 400 Bad request - ma ka palapala noi e loaʻa iā mākou kahi hewa i maʻa mua iā mākou:
{
"@t":"2019-03-31T12:59:54.3746446Z",
"@mt":"Connection id "{ConnectionId}" bad request data: "{message}"",
"@x":"Microsoft.AspNetCore.Server.Kestrel.Core.BadHttpRequestException: Malformed request: invalid headers.n at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.Http1Connection.TryParseRequest(ReadResult result, Boolean& endConnection)n at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.<ProcessRequestsAsync>d__185`1.MoveNext()",
"ConnectionId":"0HLLLR1J974L9",
"message":"Malformed request: invalid headers.",
"EventId":{
"Id":17,
"Name":"ConnectionBadRequest"
},
"SourceContext":"Microsoft.AspNetCore.Server.Kestrel",
"ThreadId":71
}Nā hopena
ʻO Kestrel kūikawā Hoʻoponopono pololei i nā poʻomanaʻo HTTP me nā huaʻōlelo pololei ma UTF-8, aia i loko o nā inoa o kahi heluna nui o nā kūlanakauhale.
ʻO kahi kumu hou i kā mākou hihia, ʻaʻole hoʻolālā ka mea kūʻai aku i kēia manawa e hoʻololi i ka hoʻokō ʻana o Kestrel i ka noi. Eia naʻe, nā pilikia ma AspNetCore ponoʻī (, ) ʻōlelo lākou ʻaʻole kōkua kēia ...
No ka hōʻuluʻulu ʻana: ʻaʻole pili ka memo i nā pilikia kūikawā o Kestrel a i ʻole UTF-8 (ma 2019?!), akā e pili ana i ka ʻoiaʻiʻo. ka noʻonoʻo a me ke aʻo mau ʻO kēlā me kēia ʻanuʻu āu e hana ai i ka ʻimi ʻana i nā pilikia e hua koke a ma hope paha. Pōmaikaʻi iā ʻoe
PS
E heluhelu pū ma kā mākou blog:
- «";
- «";
- «";
- «";
- «".
Source: www.habr.com