Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Remote Application Platform (RAP) » "invalid request counter" response when using reverse proxy
"invalid request counter" response when using reverse proxy [message #1748291] Mon, 21 November 2016 20:25 Go to next message
Max Bureck is currently offline Max BureckFriend
Messages: 19
Registered: April 2013
Junior Member
Hi,

We want to use a reverse nginx proxy in front of our RAP server, but the second xhr POST request to the page fails with HTTP return code 412 and the message "invalid request counter" in the returned JSON payload. I suspected this has something to do with cookies, but the cookie header is send correctly by the browser. I also don't see a stack trace or anything on the console.

Is there anything else to take into account when configuring a reverse proxy? Or does anything somehow reset the requestCounter?

Thanks and best regards,
Max
Re: "invalid request counter" response when using reverse proxy [message #1748293 is a reply to message #1748291] Mon, 21 November 2016 20:29 Go to previous messageGo to next message
Cole Markham is currently offline Cole MarkhamFriend
Messages: 150
Registered: July 2009
Location: College Station, TX
Senior Member

I have a server running nginx as a reverse proxy. I am setting a few headers to make it work. Here's my location config:

location @admin {
proxy_pass http://localhost:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}


Hope that helps,

Cole
Re: "invalid request counter" response when using reverse proxy [message #1748309 is a reply to message #1748293] Tue, 22 November 2016 01:24 Go to previous messageGo to next message
Chris Fairhall is currently offline Chris FairhallFriend
Messages: 221
Registered: February 2011
Senior Member
I use nginx in a dev environment to add authentication http headers
The basic config for it only uses a proxy_pass directive.

I use server name based reverse proxying, so there is no translation done with URL paths

	server {
		listen 80;
		server_name server.name.here;
		location / {
			proxy_pass http://localhost:8088/;
			proxy_set_header <various headers for authentication>;
		}
	}
Re: "invalid request counter" response when using reverse proxy [message #1748319 is a reply to message #1748309] Tue, 22 November 2016 08:53 Go to previous messageGo to next message
Aziz Hohenheim is currently offline Aziz HohenheimFriend
Messages: 12
Registered: November 2016
Junior Member
Hi there,

this problems occurs when you send a request which contains an invalid request counter. Here I have an example of the json-object which is within an http-request:

{"head":{"requestCounter":11},"operations":[["set","w2",{"activeControl":"w11"}],["set","w11",{"selection":[3,3],"text":"ssa"}],["set","w2",{"activeControl":"w13"}],["notify","w13","Selection",{"button":1,"shiftKey":false,"ctrlKey":false,"altKey":false}],["set","w1",{"cursorLocation":[272,482],"focusControl":"w13"}]]}


When you look at the position
requestCounter
, it contains the value
11
. In case you want to send a request which is not fired by some user interactions on the UI, the requestCounter has to be increased by 1 for each request, you send to the server. Otherwise you don't get a correct response.

You could see the requestCounter as a protection for fuzzing attacks. Normally the requestCounter updates the values by itself but only when you have direct interactions with some GUI components like button-clicks etc.

I hope I could help you!
Best regards,
Aziz
Re: "invalid request counter" response when using reverse proxy [message #1748350 is a reply to message #1748319] Tue, 22 November 2016 11:56 Go to previous messageGo to next message
Max Bureck is currently offline Max BureckFriend
Messages: 19
Registered: April 2013
Junior Member
Hey,

Thanks for the answers, but sadly none of the answers seemed to have helped. The strange thing is that the first POST request has requestCounter set to 0, and the second (failing) request has it set to 1. So the request seems to be valid. And the JSESSIONID and settingStore cookies are send correctly. So I don't expect RAP to try to open a new session for the second call, expecting the requestCounter to be 0 again.

I simplified the reverse proxy config to a single rule:
        location / {
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header Host $http_host;
            proxy_pass http://MY_BACKEND_SERVER$uri;
        }

Even though I am not sure if the header Host should be $http_host, the default $proxy_host seems more appropriate when setting the X-Forwarded-For and X-Real-IP headers. But both configurations didn't work. I think I have to bite the bullet and debug RAP what is going on on server side.
Maybe I should note that both the nginx and RAP app are running in docker containers linked via docker compose.
Re: "invalid request counter" response when using reverse proxy [message #1748379 is a reply to message #1748350] Tue, 22 November 2016 15:33 Go to previous messageGo to next message
Max Bureck is currently offline Max BureckFriend
Messages: 19
Registered: April 2013
Junior Member
OK, I have just proven, that I am an nginx n00b. The $uri variable does not hold the URL parameters. The correct proxy_pass should have the suffix $uri$is_args$args.
Re: "invalid request counter" response when using reverse proxy [message #1748521 is a reply to message #1748379] Wed, 23 November 2016 23:07 Go to previous message
Chris Fairhall is currently offline Chris FairhallFriend
Messages: 221
Registered: February 2011
Senior Member
You don't need $url or $args to make it work... I've never used them
Previous Topic:Eclipse RAP - Databinding vs. Database access
Next Topic:RAP SWT Browser widget LocationListener
Goto Forum:
  


Current Time: Tue Mar 19 03:04:28 GMT 2024

Powered by FUDForum. Page generated in 0.02761 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top