I've been banging my head trying to figure out a 403 issue only with Chrome. I have a application running in tomcat8 and I front it with Nginx. The machine are hosted with a client and I suspect maybe there is something in the environment, But I need to have something to go back to them with..
I can login to the application. I have a search page that make some jquery ajax call out to me rest api that I get the 403 with..
On Firefox and IE everything works good. But on chrome and safari I get the 403.
I thought it might be a CORS thing since Im making a call from ajax. Disabling web security on Chrome didn't do anything. So im not convinced it is that..
Here are my config
Nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/proxy_params;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
my server.conf
server {
server_name myapp.mydomain.com;
root /var/www/tomcat8/webapps/myapp/;
location / {
index index.html index.jsp;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8080/;
}
}
server {
listen 80;
server_name myapp.mydomain.com;
return 404; # managed by Certbot
}
Here is the nginx log entry for the 403 on my service call
172.16.1.1 - - [19/Jul/2019:16:30:49 -0400] "POST /myap/services/search/lookupUI? HTTP/1.1" 403 0 "https://myapp.mydomain.com/myapp/gui/findpatients.jsp" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
The service call in the nginx log has both a GET and POST option..I can pass a GET on the browser address bar and it will work..
I'm pull at straws on what this might be. This is a pretty simple nginx proxy config that I use with other clients..
Any help would be really appreciated.