Drop invalid requests either in the proxy or in studiobeta's nginx #82163
Labels
No Label
Priority
High
Priority
Low
Priority
Normal
Status
Archived
Status
Confirmed
Status
Duplicate
Status
Needs Information from User
Status
Needs Triage
Status
Resolved
Type
Bug
Type
Content
Type
Design
Type
Report
Type
To Do
Type
Web Development
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: studio/blender-studio#82163
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Requests with "unexpected" HTTP_HOSTs should not reach Django, here's example trace:
https://sentry.io/organizations/blender-institute/issues/1984510038/?project=5476345&query=is%3Aunresolved
See http://nginx.org/en/docs/http/request_processing.html#how_to_prevent_undefined_server_names
Added subscriber: @railla
Drop invalid requests either in the proxy on in studiobeta's nginxto Drop invalid requests either in the proxy or in studiobeta's nginxChanged status from 'Needs Triage' to: 'Resolved'
Added subscriber: @dr.sybren
This was a fun thing to solve: dropping HTTPS requests (or having a default server block for them) is not as easy as HTTP ones due to SNI matching.
The solution was to first
ssl default_server
block, so that the whole catch-all logic could be in one place in the top-level nginx config:It is theoretically possible that there are browsers in the wild that don't implement SNI, but we decided not to worry about them.
Kudos to @dr.sybren for helping with this one 🎉