'Posting http request after enabeling TLS/SSL
I have a website using Angular for the frontend, Django for the backend and they are being served using Apache. It was working properly until I enabled TLS/SSL using letsencrypt. Since then I was still able to access the website using https, but all my http request to the backend give errors. The error message is:
Http failure response for http://backend.IP:8080/api/load_data/: 0 Unknown Error
If I call the API function from the browser like this:
http://backend.IP:8080/api/load_data/
It works well and returns the expected data from the backend, but when posting http request from the code it gives the previous error.
Here is apache configurations for the frontend.conf:
<VirtualHost *:80>
DocumentRoot "/home/ubuntu/myproject/static/"
# Other directives here
DirectoryIndex index.php index.htm index.html
<Directory "/home/ubuntu/myproject/static">
AllowOverride All
Require all granted
</Directory>
# Logs
ErrorLog /var/log/apache2/frontend_error.log
CustomLog /var/log/apache2/frontend_access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =test.myproject.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
Here is the frontend-le-ssl.conf:
<IfModule mod_ssl.c>
SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000)
<VirtualHost *:443>
DocumentRoot "/home/ubuntu/myproject/static/"
# Other directives here
DirectoryIndex index.php index.htm index.html
<Directory "/home/ubuntu/myproject/static">
AllowOverride All
Require all granted
</Directory>
# Logs
ErrorLog /var/log/apache2/frontend_error.log
CustomLog /var/log/apache2/frontend_access.log combined
ServerName test.myproject.org
SSLCertificateFile /etc/letsencrypt/live/test.myproject.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/test.myproject.org/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
Header always set Strict-Transport-Security "max-age=31536000"
SSLUseStapling on
Header always set Content-Security-Policy upgrade-insecure-requests
</VirtualHost>
</IfModule>
Here is the 000-default.conf:
<VirtualHost *:8080>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /static /home/ubuntu/myproject/static
<Directory /home/ubuntu/myproject/static>
Require all granted
</Directory>
<Directory /home/ubuntu/myproject/myproject >
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WSGIDaemonProcess myproject python-home=/home/ubuntu/myproject/venv python-path=/home/ubuntu/myproject
WSGIProcessGroup myproject
WSGIScriptAlias / /home/ubuntu/myproject/myproject/wsgi.py
</VirtualHost>
Angular environment.prod.ts:
export const environment = {
appVersion: require('../../package.json').version,
production: true,
apiURL: 'http://backend.IP:8080/api/',
mediaURL: 'http://backend.IP:8080',
};
Angular proxy.conf.json:
{
"/api": {
"target": "http://backend.IP:80",
"secure": false
},
"/media": {
"target": "http://backend.IP:80",
"secure": false
}
}
Backend settings.py:
SESSION_COOKIE_SECURE=True
SESSION_COOKIE_HTTPONLY=True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
ALLOWED_HOSTS = ['backend.IP',
'http://backend.IP',
'http://backend.IP:8080',
'https://backend.IP',
'https://backend.IP:8080',
'127.0.0.1',
'http://www.mproject.org/',
'https://www.mproject.org/',
'mproject.org/']
CORS_ORIGIN_WHITELIST = (
'https://localhost:4200',
'https://localhost:8000',
'https://localhost:8080',
'https://backend.IP:8080',
'http://backend.IP:8080',
'https://backend.IP:80',
'http://backend.IP:80',
)
CORS_ALLOW_CREDENTIALS = True
In the wsgi.py:
os.environ['HTTPS'] = "on"
I am completely new to these stuffs, and I followed several tutorials to reach this point but I am still missing something to allow the http requests after the setting the STL/SSL up.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|