couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Doherty <tdohe...@ipaymentinc.com>
Subject Bad Request - Referer Must Match Host
Date Tue, 29 Jan 2013 18:07:31 GMT
Hi all,

I'm running CouchDB 1.2.1 behind Nginx 1.2.6, and trying to push an attachment via AJAX per
the futon.browse.js script. I get a 400 bad request, with JSON payload {"error":"bad_request","reason":"Referer
header must match host."} no matter how I configure the host/referer headers

<form id="attachment-form" method="post" action="">
    <input id="_attachments" type="file" name="_attachments"/>
    <input type='hidden' name='_rev' value="{{_rev}}"/>
</form>

      var id = $.cookies.get('id');
      var options = {
        //target:  '',
        url: '/assets/' + id,
        success:   function(data) {
            alert('upload successful');
        }
      };
      $("#attachment-form").ajaxSubmit(options);
Nginx is configured per the wiki, (http://wiki.apache.org/couchdb/Nginx_As_a_Reverse_Proxy)
and then explicitly matching host and referer headers:

location /assets {

proxy_pass http://localhost:5984;

proxy_redirect off;

proxy_set_header Host $host;

proxy_set_header Referer $host;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

rewrite /doc/(.*) /arp/$1 break;

}
Setting the Couch log level to debug confirms matching host and referer headers:

[Tue, 29 Jan 2013 17:54:59 GMT] [debug] [<0.1047.0>] 'POST' /arp/7bd8504fe08942fda541c27d59d40bc0
{1,0} from "127.0.0.1"

Headers: [{'Accept',"*/*"},

          {'Accept-Encoding',"gzip, deflate"},

          {'Accept-Language',"en-US,en;q=0.5"},

          {'Cache-Control',"no-cache"},

          {'Connection',"close"},

          {'Content-Length',"13316"},

          {'Content-Type',"multipart/form-data; boundary=---------------------------24703444631593"},

          {'Cookie',"__utma=111872281.1437496111.1310764531.1311187227.1332282819.13; iW.Search.Accordion.SelectedPaneIndex=0;
sid=e903edda66c48afb8b79f1b7825f49bc; id=7bd8504fe08942fda541c27d59d40bc0; role=vendor"},

          {'Host',"localhost"},

          {'Pragma',"no-cache"},

          {'Referer',"localhost"},

          {'User-Agent',"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0"},

          {'X-Forwarded-For',"127.0.0.1"},

          {"X-Real-Ip","127.0.0.1"},

          {"X-Requested-With","XMLHttpRequest"}]

[Tue, 29 Jan 2013 17:54:59 GMT] [debug] [<0.1047.0>] OAuth Params: []

[Tue, 29 Jan 2013 17:54:59 GMT] [debug] [<0.1047.0>] Minor error in HTTP request: {bad_request,

                                                   <<"Referer header must match host.">>}

[Tue, 29 Jan 2013 17:54:59 GMT] [debug] [<0.1047.0>] Stacktrace: [{couch_httpd,validate_referer,1},

                                  {couch_httpd_db,db_doc_req,3},

                                  {couch_httpd_db,do_db_req,2},

                                  {couch_httpd,handle_request_int,5},

                                  {mochiweb_http,headers,5},

                                  {proc_lib,init_p_do_apply,3}]

[Tue, 29 Jan 2013 17:54:59 GMT] [info] [<0.1047.0>] 127.0.0.1 - - POST /arp/7bd8504fe08942fda541c27d59d40bc0
400

[Tue, 29 Jan 2013 17:54:59 GMT] [debug] [<0.1047.0>] httpd 400 error response:

{"error":"bad_request","reason":"Referer header must match host."}
I'm stumped. Any help greatly appreciated.
Thanks,
Tim


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message