Comments (5)
Thanks for report.
We have removed nginx header from headers.
Forbidden Header:
- X-Forwarded-For
- X-Forwarded-Port
- X-Forwarded-Proto
- X-Request-Start
from istekbin-api.
Thanks for the quick reply!
Now it doesn't even let me to send a single request.
curl https://api.istekbin.com/r/addde30e-82ad-420f-b768-31a1c182aa0b -v
* Trying 165.22.30.134...
* TCP_NODELAY set
* Connected to api.istekbin.com (165.22.30.134) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=api.istekbin.com
* start date: May 17 20:17:21 2020 GMT
* expire date: Aug 15 20:17:21 2020 GMT
* subjectAltName: host "api.istekbin.com" matched cert's "api.istekbin.com"
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fe046805200)
> GET /r/addde30e-82ad-420f-b768-31a1c182aa0b HTTP/2
> Host: api.istekbin.com
> User-Agent: curl/7.54.0
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 400
< server: nginx
< date: Sat, 23 May 2020 15:20:26 GMT
< content-type: application/json; charset=UTF-8
< content-length: 53
< access-control-allow-origin:
< access-control-expose-headers: Location
< vary: Origin
<
{"message":"X-Forwarded-Proto header is forbidden."}
* Connection #0 to host api.istekbin.com left intact
from istekbin-api.
Can you please check again? We have removed Nginx header check.
from istekbin-api.
Now it does work! Thanks for the good care :)
from istekbin-api.
Thanks for quick check :)
from istekbin-api.
Related Issues (12)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from istekbin-api.