Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.
Latest version (3.5.5) appears to fail rendering data
-
Nothing Worked without it - 3.4.1 wouldn't work with SSL until I turned the cors on. Since it works I'm not tinkering with it:
My config:#Cross Origin Request Handling rest.cors.enabled=true rest.cors.allowedOrigins=* rest.cors.allowedMethods=PUT,POST,GET,OPTIONS,DELETE rest.cors.allowedHeaders=content-type,x-requested-with,authorization rest.cors.exposedHeaders= rest.cors.allowCredentials=true rest.cors.maxAge=3600Not interested in any more bugs. This didn't work with 3.5.4. Wasn't happy with telling customers that the SSL was broken and they had to knock off the https in order to log in.
apache2 proxy settings:
DocumentRoot /opt/mango/overrides/web/modules/mangoUI/web SSLProxyEngine On ProxyRequests Off ProxyPreserveHost On # for a http server Protocols h2c http/1.1 ProxyPass /.well-known ! RewriteEngine on RewriteCond %{HTTP:Connection} Upgrade [NC] RewriteCond %{HTTP:Upgrade} websocket [NC] RewriteRule /(.*) ws://127.0.0.1:8080/$1 [P,L] <Location /> ProxyPass http://127.0.0.1:8080/ ProxyPassReverse / </Location>Do not follow where the path may lead; go instead where there is no path.
And leave a trail - Muriel Strode -
I apologize for not mentioning the proxy. I didn't even think of it, since it had been working previously (and in development I often switch back and forth between proxy and VPN).
I believe I upgraded from 3.4.1 (no longer have logs to confirm exactly). But I explicitly tested that page before & after to confirm this change in behavior.
The
ma.logshows nothing relevant (no entries except forJSON File Import Job.)@MattFox adding CORS configuration made no difference (except locking me out until I opened it up globally).
Adding the following configuration to the
VirtualHostconfiguration fixes it:RewriteEngine On RewriteCond %{HTTP:Connection} Upgrade [NC] RewriteCond %{HTTP:Upgrade} websocket [NC] RewriteRule /(.*) ws://internal.mangoserver.com:8080/$1 [P,L]I apologize for the confusion, but due to some similar issues with another Mango server, I explicitly tested it with this configuration before and after upgrading, which is why I listed the symptoms (and my diagnosis) as I did.
Bottom line, it's working. Why? uhh.... It's working! ;-)
-
@mattfox Yes, the proxy configuration is exactly what I needed. The CORS configuration didn't seem to help.
-
Well at least that's sorted i'm happy. Forgive the irritated post Jared, it's been a difficult few weeks surrounding Mango data handling related issues.
Edit: The above virtual host config I have there works with l;etsEncrypt so you can just set and forget. Just make sure you add the
ProxyPass /.well-known !in the SSL version of your config if you have forced redirect to SSL in order for letsencrypt to update
-
I take it back, @MattFox ; apparently the
CORSconfiguration IS necessary. Suddenly found it failing again, and sure enough enablingCORSdid the trick.I really do go through these tests in a methodical manner, but somehow I'm losing the sequence today.
Thanks to all who helped me get through this.
-
I might try and setup a Apache reverse proxy and figure out what is going on here. I still don't think that CORS should be necessary, I believe you that it fixes the problem however I don't think its the correct solution. In fact allowing any origin with allow credentials poses a security risk so I'd like to get it sorted out for you guys.
-
Have you been setting the HTTP origin header in your proxy?
We have sites running behind an Apache proxy, and the live-chart on 3.5.5 doesn't seem to have an issue. CORS is not enabled. Here is an example of the Apache config with a wildcard SSL certificate being used,
ServerName servername.host.extension ProxyPass / http://172.16.3.4/ ProxyPassReverse / http://172.16.3.4/ RewriteEngine On RewriteCond %{HTTP:Upgrade} =websocket RewriteRule /(.*) ws://172.16.3.4/$1 [P,L] RewriteCond %{HTTP:Upgrade} !=websocket RewriteRule /(.*) http://172.16.3.4/$1 [P,L] ProxyPreserveHost off RequestHeader set Origin "http://servername.host.extension" Header edit Location ^http://servername.host.extension https://servername.host.extension SSLProxyEngine On SSLEngine on SSLCertificateFile /path/to/host.extension.crt SSLCertificateKeyFile /path/to/host.extension.key SSLCertificateChainFile /path/to/host.extension.ca-bundle ProxyRequests on -
What version of apache is that? I don't think my version allows some of those settings
-
2.4.x
What settings would it not allow?
-
RequestHeader
-
Loading mod_headers in your apache config? https://httpd.apache.org/docs/current/mod/mod_headers.html
Or maybe you just need to symlink it into mods-enabled and reload ?
-
That will likely be it, thanks Phil!
