rails route path not shown in browser (sometimes) - ruby-on-rails

After deploying my rails 3 app in production I noticed that paths are not always shown in the browser window. For example going to login or my_profile links would still only show http://my_app.com instead of expected http://my_app.com/login or http://my_app.com/my_profile. The views did change and were functional. I could also see the database being hit and views being rendered from the logs (which led me to believe it was not a simple browser cache issue). Going directly to http://my_app.com/login worked, however, using the links in the app would take me to the expected place while leaving the login url displayed. I tried it in several browsers (firefox, opera and chrome) and got the same behavior. The app was deployed under nginx + passenger and later nginx + thin cluster. My question is, whats going on? Could it be nginx settings or my production environment settings? I am not sure where to start.
Running curl -v my_app.com shows
* About to connect() to my_app.com port 80 (#0)
* Trying xx.xx.xx.xx... connected
* Connected to my_app.com (xx.xx.xx.xx) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.21.1 (x86_64-apple-darwin10.4.0) libcurl/7.21.1 OpenSSL/1.0.0a zlib/1.2.5 libidn/1.19
> Host: my_app.com
> Accept: */*
>
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Set-Cookie: ARPT=PKKIKIS10.0.81.64CKILJ; path=/
< Content-Type: text/html; charset=utf-8
< Status: 200
< X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.5
< ETag: "fce6dec3543058bec16175466020a906"
< X-Runtime: 7
< Content-Length: 787
< Cache-Control: private, max-age=0, must-revalidate
< Server: nginx/0.7.62 + Phusion Passenger 2.2.4 (mod_rails/mod_rack)
< P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
< X-Cache: MISS from server.com
< Via: 1.0 server.com:8080
< Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN"
"http://www.w3.org/TR/html4/frameset.dtd">
<html>
<head>
<title>http://my_app.com/</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" />
<meta name="generator" content="Hover Redirect Service">
</head>
<frameset framespacing="0" rows="100%,*" cols="100%" frameborder="no" border="0">
<frame name="DDIRECTXYZZY2" scrolling="auto" src="http://xxx.xx.xxx.xxx" noresize>
<frame name="DDIRECTXYZZY" scrolling="no" noresize>
<noframes>
<h1>http://my_app.com/</h1>
<p>Please click here to view the non-framed versi
on.</p>
</noframes>
</frameset>
</html>
So that is clearly a problem. The whole thing gets framed by the DNS redirect? The setup is not Phusion Passenger + nginx. It was originally, but now its thin + nginx. Also, when going directly to ip address of the app, things are just fine. When going to the domain name, I get the framed version. curl -v response of just the ip address also looks normal (like its loading the entire page).

The problem is almost certainly your frames. The inner frame is loading the correct content but because you're (presumably) not targeting 'top' in your links (or whatever it is), the browser is still showing the URL of the outermost frame.
Targeting frames: http://www.w3.org/TR/html4/present/frames.html#h-16.3
If you were not expecting to see frames in your response at all then it's likely they're the responsibility of a shoddy "DNS" service. Get a real DNS address pointed to your server and you'll be singing.

Did you try using another client computer to do your tests? If I follow your explication, that's one option you haven't investigated.
Can you send us your nginx configuration maybe?

Related

Why my call for access token exchange from authorization code failed?

I am using the authentication code mode of Huawei account kit to login users to my app. To check the app server to account server behavior, I use the cURL command shown bellow to obtain the access token from the authorization code. But the following command would return an error.
curl -v -H "Content-Type:application/x-www-form-urlencoded" -d #body.txt -X POST https://oauth-login.cloud.huawei.com/oauth2/v3/token
the "body.txt" file contains the required information for the request:
grant_type=authorization_code&
code=DQB6e3x9zFqHIfkHR2ctp7htDs5tG5p6jXTkTCeoAAULtuS69PntuuD9pwqHrdXyvrlezuRc/aq+zuDU7OnQdRpImnvZcEX+RIOijYMXYu1j+zxpQ+W/J50Z7pY1qhyxZtavqkELY+6o2jSifaiIxC/MJc7KgqKV3jGn9kUIEZovSnM&
client_id=my_id&
client_secret=my_secrete&
redirect_uri=hms://redirect_uri
The command returns:
> POST /oauth2/v3/token HTTP/1.1
> Host: oauth-login.cloud.huawei.com
> User-Agent: curl/7.64.0
> Accept: */*
> Content-Type:application/x-www-form-urlencoded
> Content-Length: 430
>
* upload completely sent off: 430 out of 430 bytes
< HTTP/1.1 400 Bad Request
< Date: Mon, 23 Nov 2020 03:38:21 GMT
< Content-Type: application/json
< Content-Length: 67
< Connection: keep-alive
< Cache-Control: no-store
< Pragma: no-cache
< Server: elb
<
* Connection #0 to host oauth-login.cloud.huawei.com left intact
{"sub_error":20152,"error_description":"invalid code","error":1101}
What should I do to get this API call working using cURL as expected?
Authentication code must be urlencoded before sent. The command in the question used that code without urlencoding non-letter characters. Please use the same command with encoded authorization code as parameter to "code" to perform the request to acquire access token
Encoding could be done inline by if doing so is desired
curl --data-urlencode "para1=value1"
Please refer to: Link or using online tool such as : Link
Using other tools to acquire access token is possible as long as the parameters are properly encoded with %2x format.
According to the error information {"sub_error":20152,"error_description":"invalid code","error":1101}, the problem is caused by incorrect code parameters.
It is recommended that you can check whether the value of code in the request is the same as the Authorization Code obtained by the mobile app.
FOR Details,see docs.

API calls work locally, but not working on Heroku

I have build some login token auth Apis using Ruby on Rails, it works well on local, I have a user built into the local and heroku database, and if I do this :
curl -v -H "Content-Type:application/json" -X POST -d '{"session":{"password":"12345678","email":"example#zapserver.com"}}' http://api.zapserver.dev/sessions/
I can get the correct JSON response from the server.
But, when I do the same call to Heroku, which would be something like this:
curl -k -v -H "Content-Type:application/json" -X POST -d '{"session":{"password":"12345678","email":"example#zapserver.com"}}' https://api.appname.herokuapp.com/sessions/
I got a 404 Not Found error.
I have done the rails db:migrate and I still got the same error.
Any ideas?
EDIT
I got literally nothing from Heroku log, I used a heroku logs --tail command and nothing happened.
Here's the error message I got from the Curl:
* Trying 50.19.245.201...
* TCP_NODELAY set
* Connected to api.zapserver.heroku.com (50.19.245.201) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.herokuapp.com
* Server certificate: DigiCert SHA2 High Assurance Server CA
* Server certificate: DigiCert High Assurance EV Root CA
> POST /sessions/ HTTP/1.1
> Host: api.zapserver.heroku.com
> User-Agent: curl/7.51.0
> Accept: */*
> Content-Type:application/json
> Content-Length: 67
>
* upload completely sent off: 67 out of 67 bytes
< HTTP/1.1 404 Not Found
< Connection: keep-alive
< Server: Cowboy
< Date: Sun, 12 Feb 2017 14:30:09 GMT
< Content-Length: 494
< Content-Type: text/html; charset=utf-8
< Cache-Control: no-cache, no-store
<
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="utf-8">
<title>No such app</title>
<style media="screen">
html,body,iframe {
margin: 0;
padding: 0;
}
html,body {
height: 100%;
overflow: hidden;
}
iframe {
width: 100%;
height: 100%;
border: 0;
}
</style>
</head>
<body>
<iframe src="//www.herokucdn.com/error-pages/no-such-app.html"></iframe>
</body>
* Curl_http_done: called premature == 0
* Connection #0 to host api.zapserver.heroku.com left intact
So the problem is that Heroku wants you to pay for the domain if you wanna use something like api.example.com, so I change the routing a bit from api.example.com to xxx.com/api in route.rb using:
namespace :api, defaults: { format: :json }, path: '/api' do
instead of the code in my old route.rb
namespace :api, defaults: { format: :json }, constraints: { subdomain: 'api' }, path: '/' do
And now if I do the Curl like this:
curl -k -v -H "Content-Type:application/json" -X POST -d '{"session":{"password":"12345678","email":"example#zapserver.com"}}' https://example.com/api/sessions/
I can get the correct JSON back from the server.
It's the way domain routing works. When you own example.com, all requests to any address that end with this domain (e.g. mail.example.com, www.example.com, etc.) are routed to your configured DNS server. This server converts the address to an IP address based on the configuration of the DNS records.
The root of your domain, in this case, herokuapp.com is owned by Heroku, so when you create an app, they can create a DNS entry for that app and point it internally to your instance. There would be no mechanism in which application code running in a Heroku app would be able to create additional subdomains without giving some kind of API access to their internal networking configuration, which no company I can think of would ever allow. So essentially, this could never be a valid address: https://api.appname.herokuapp.com
If you create a custom domain, you can certainly use any address you like as long as it ends with your domain, but you'll still have to configure those names on your your new DNS host also.
So I would say that it has nothing to do with Heroku wanting to charge more, it's simply the way DNS works.
404 error means that the page is not found and hence a routing error? Can you post your heroku logs for more detail? thx
Also, as mentioned below. rails db:migrate does not effect heroku DB. hence you would want to run heroku run rake db:migrate, and other rake comands
Your code will not able to decode the user properly. I have the solid solution for this.
go to application_controller.rb
and in your authenticate method relplace the code with this:
def authenticate_api_request
header = request.headers['Authorization']
header = header.split(' ').last if header
begin
# #decoded = JsonWebToken.decode(header)
key = Rails.application.secrets.secret_key_base. to_s
decoded = JWT.decode(header, key)[0]
HashWithIndifferentAccess.new decoded
#current_user = User.find(decoded.values[0])
rescue ActiveRecord::RecordNotFound => e
render json: { errors: e.message }, status: :unauthorized
rescue JWT::DecodeError => e
render json: { errors: e.message }, status: :unauthorized
end
end

Rails 4 + Nginx - serve font via CloudFront won't load cause by CORS

I've website at http://revoniaga.com which is run RoR but the font won't load where it said "blocked from loading by Cross-Origin Resource Sharing policy". It cause by Amazon CloudFront. I've try everything but still same result.
First, I put my font assets under /app/assets/font
then in my css (vendor/assets/stylesheets/font-awesome.css), I use something like this:
#font-face {
font-family: 'FontAwesome';
src: url('/assets/fontawesome-webfont.eot?v=4.3.0');
//and so on for other font format
}
At my /etc/nginx/sites-available/revoniaga_production, I put
location ~* \.(eot|otf|svg|ttf|woff|woff2)$ {
add_header Access-Control-Allow-Origin *;
}
Then when I curl:
curl -I https://d3bkb7gt2ds4m6.cloudfront.net/assets/fontawesome-webfont.woff2
It said
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Server: nginx/1.6.2
Date: Wed, 18 Mar 2015 09:34:29 GMT
Age: 242
X-Cache: Error from cloudfront
Via: 1.1 404e3b476748051f3f9bc690b72173b4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 3yUNjkFQHC83FlbEwVMBSddpQND_4GbXauyeTtDyKawS6GzftUwXRA==
I'm also restarting my server "service nginx restart" but still nothing happen
Here is my CloudFront which is the default setting
Everything work fine in my dev env
I couldn't figure why this happening. Please help
Thanks in advance
Problem solved by clean install the server, upgrade ruby to 2.2.1 plus.. looks like the issue come from the server itself. my setting before was fine..

Robots.txt file on Rails heroku app not updating

I've got a rails app hosted on Heroku for which I'm trying to update the robot.txt file.
The local file, which is at /public/robots.txt, reads:
User-agent: *
Disallow: /admin/
However when I deploy the app to Heroku, the robots file is seemingly not updated. The remote version reads:
# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
#
# To ban all spiders from the entire site uncomment the next two lines:
User-agent: *
Disallow: /
The live url is at http://www.cowboypicks.com/robots.txt.
Running curl -I http://www.cowboypicks.com/robots.txt yields:
HTTP/1.1 200 OK
Age: 2317078
Cache-Control: public, max-age=2592000
Content-length: 200
Content-Type: text/plain
Date: Wed, 30 Apr 2014 17:01:43 GMT
Last-Modified: Thu, 03 Apr 2014 14:21:08 GMT
Status: 200 OK
X-Content-Digest: 10c5b29b9aa0c6be63a410671662a29a796bc772
X-Rack-Cache: fresh
Connection: keep-alive
Indicating the file hasn't been updated since 3 April, however it has been updated today (30 April). Even stranger, when I run heroku run bash followed by cat public/robots.txt I get:
User-agent: *
Disallow: /admin/
Indicating the file is being updated on Heroku but it's showing an older (I assume cached) version for some reason. There is some caching on the app using dalli/memcache, but I wouldn't have thought that would affect static files? Any ideas on how I could further debug the problem?
It turned out that Dalli had indeed been caching the robots.txt file in production. The expiry date was set in production.rb with the line:
config.static_cache_control = "public, max-age=2592000"
Running the following from the rails console flushed the cache and sorted the problem:
Rails.cache.dalli.flush_all

why is jquery ui autocomplete folder cannot be accessed

Just wondering what could the problem be why I can't access jquery ui autocomplete folder in the prod side.
I've been using this widget in the dev side and it works perfectly. However, when I deployed it, I get errors saying, jquery.ui.core.js, jquery.ui.widget.js, jquery.ui.position.js, jquery.ui.all.css, and jquery.ui.autocomplete.js cannot be found: "404 Object Not Found".
This is how I reference these files:
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js"></script>
<script type="text/javascript" src="/folder1/folder2/jquery-ui-1.8.10.custom/development-bundle/ui/jquery.ui.core.js"></script>
<script type="text/javascript" src="/folder1/folder2/jquery-ui-1.8.10.custom/development-bundle/ui/jquery.ui.widget.js"></script>
<script type="text/javascript" src="/folder1/folder2/jquery-ui-1.8.10.custom/development-bundle/ui/jquery.ui.position.js"></script>
<script type="text/javascript" src="/folder1/folder2/jquery-ui-1.8.10.custom/development-bundle/ui/jquery.ui.autocomplete.js"></script>
<link rel="stylesheet" href="/folder1/folder2/jquery-ui-1.8.10.custom/development-bundle/themes/base/jquery.ui.all.css">
Using Firebug, these are the Response and Request headers respectively:
HTTP/1.1 404 Object Not Found
Server: Microsoft-IIS/5.0
Date: Thu, 14 Apr 2011 08:22:27 GMT
Connection: close
Content-Length: 4040
Content-Type: text/html
GET /folder1/folder2/jquery-ui-1.8.10.custom/development-bundle/ui/jquery.ui.core.js HTTP/1.1
Host: (hostname)
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: (referrer)
Cookie: (cookies)
I'm using Coldfusion MX 6.1. Are there permission or hosting issues involved? I don't have any idea here. Please help. Thanks.
When you use "/" before your src addresses, you are actually telling that the "folder1" is located in the root folder of your web server (i.e. WWW in Apache)
So if "folder1" is simply a folder located in the same path that your code file is, you should use:
src="folder1/folder2/jquery-ui-1.8.10.custom/development-bundle/ui/jquery.ui.core.js"
I got this working, at last. What I did was I got all folders outside of jquery-ui-1.8.10.custom folder. That is, instead of /folder1/folder2/jquery-ui-1.8.10.custom/development-bundle/ui/jquery.ui.core.js, I now have /folder1/folder2/development-bundle/ui/jquery.ui.core.js.
I still don't get why the folder name jquery-ui-1.8.10.custom can't be found. If anyone knows why please tell me. Thanks!

Resources