logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: [SOLVED] Apache reverse proxy refused to execute script
Author
jfjallid



Joined: 02 Apr 2016
Posts: 5
Location: sweden

PostPosted: Sat 02 Apr '16 15:12    Post subject: [SOLVED] Apache reverse proxy refused to execute script Reply with quote

Hi!

I have two ubuntu servers 14.04 running apache 2.4.7, mysql Ver 15.1 Distrib 10.0.22-MariaDB and php 5.5.9.

One of them is internal with no Internet access running an owncloud server and the other is facing the Internet with an apache server running a reverse proxy for the internal server to enable access to owncloud from the Internet.

The problem I'm having is that when going through the reverse proxy the webpage loads but most of the content seems to fail and the website doesn't work as expected. If I open the console I get the variants of the following error messages:

In firefox console:
Code:
The stylesheet <my-server-address>/core/css/jquery.ocdialog.css?v=f8ed568350f3f0107c10d8e06c55f727 was not loaded because its MIME type, "text/html", is not "text/css".
SyntaxError: expected expression, got '<'


In google chrome console:
Code:
Refused to execute script from '<my-server-address>/index.php/core/js/oc.js?v=f8ed568350f3f0107c10d8e06c55f727' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.


Accessing owncloud webpage internally works good which is why I think that the problem is with the reverse proxy.

Any help would be much appreciated!


Last edited by jfjallid on Sun 05 Jun '16 11:48; edited 1 time in total
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Mon 04 Apr '16 12:00    Post subject: Reply with quote

An option might be a 404 error. Please open the URL in your Firefox browser and look at the content if it is the CSS file or a page not found.


If it is not a 404 / page not found

add the following to the apache main config file on both servers.

Code:

AddType text/css .css
AddType text/javascript .js
Back to top
jfjallid



Joined: 02 Apr 2016
Posts: 5
Location: sweden

PostPosted: Fri 08 Apr '16 22:43    Post subject: Reply with quote

Where would I found the 404 error in Firefox?

I added
Code:

AddType text/css .css
AddType text/javascript .js

to /etc/apache2/apache2.conf on both webservers but doesn't seem to make any difference.

I do most of my debugging through chrome since I can use my android phone with debugging to get the console messages when accessing the site via the reverse proxy.

What I've found is that when I try to access the page I get the error message for all javascript files:
Code:
Refused to execute script from ... because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.


I also get the variants of the message:
Code:
 Resource interpreted as Stylesheet but transferred with MIME type text/html: "http://<my-server-address>/core/css/styles.css?v=f8ed568350f3f0107c10d8e06c55f727".


I get the following http headers if they are of any help:
Code:

HTTP/1.1 200 OK
Date: Fri, 08 Apr 2016 20:04:11 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-type: text/html; charset=UTF-8
Set-Cookie: ocirse4el2n4=0aad97s9uv1g5sclishd7sev85; path=/; HttpOnly
Set-Cookie: oc_sessionPassphrase=YFrm%2BphkwzrtmgZ%2BJPnv9%2BJXZ4jYMK7
TRPuHrgyoJ324CiFcGDm%2FrVITkXEjLDZXYUw%2BGLGrXe1tt8v3YZiHa
bYyd3Muwfq7BTcY%2FuFzVimQxYGCa682%2FDehZGG0HyRS; path=/; httponly


Now if I remove the line from .htaccess file:
Code:
     Header set X-Content-Type-Options "nosniff"

I get the same "Resource interpreted as Stylesheet" messages but also variants of:
Code:

Uncaught SyntaxError: Unexpected token <  oc.js?v=f8ed568... :1

When I follow the link I see the following line which looks strange but I'm not sure if that is the problem or not:
Code:
 <script src="/index.php/core/js/oc.js?v=f8ed568350f3f0107c10d8e06c55f727"></script>

all the other script tags use the path: /core/... and not /index.php/core/

Not sure how I could find the file that contains that line to try and change it.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Mon 18 Apr '16 11:53    Post subject: Reply with quote

Open /index.php/core/js/oc.js?v=f8ed568350f3f0107c10d8e06c55f727 in your browser and look into the source code. I guess there is an error.
Back to top
jfjallid



Joined: 02 Apr 2016
Posts: 5
Location: sweden

PostPosted: Wed 20 Apr '16 23:47    Post subject: Reply with quote

James Blond wrote:
Open /index.php/core/js/oc.js?v=f8ed568350f3f0107c10d8e06c55f727 in your browser and look into the source code. I guess there is an error.


Seems like they fixed that thing in the last release although it didn't solve my problem.

I've compared the http response headers from requesting a css file when going directly and when going via the reverse proxy. I found that when going directly the Content-Type is text/css
but when going through reverse proxy the Content-Type is text/html; charset=UTF-8

Seems like apache is changing the Content-Type for some reason? I tried putting
Code:
DefaultType None
in apache2.conf but didn't make any difference.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Sun 24 Apr '16 17:47    Post subject: Reply with quote

I wonder why that file is within the rewriting since it should be a static file. The index.php in the url still makes me wonder.
Back to top
jfjallid



Joined: 02 Apr 2016
Posts: 5
Location: sweden

PostPosted: Mon 25 Apr '16 0:08    Post subject: Reply with quote

Well, they fixed the thing with index.php in the url in the latest update so that is not present anymore.

Is there anyway I can force the reverse proxy to not change content type or atleast force it to use text/css for css files?

At first I thought that it applies the content type text/html because it received a file without content type but since I get the content type text/css when I query the server directly I can't see why the reverse proxy would receive any different response and change it.
Back to top
jfjallid



Joined: 02 Apr 2016
Posts: 5
Location: sweden

PostPosted: Sun 05 Jun '16 11:46    Post subject: Reply with quote

I finally found out that I was missing a trailing / on the ProxyPass commands.

Previously I had written:
Code:
ProxyPass / http://cloud.myDomain.com
ProxyPassReverse / http://cloud.myDomain.com


It should be:
Code:
ProxyPass / http://cloud.myDomain.com/
ProxyPassReverse / http://cloud.myDomain.com/


For some reason that led to problems with wrong content type.
Back to top


Reply to topic   Topic: [SOLVED] Apache reverse proxy refused to execute script View previous topic :: View next topic
Post new topic   Forum Index -> Apache