1Panel icon indicating copy to clipboard operation
1Panel copied to clipboard
verified publisher icon 1Panel-dev

[BUG]在自代理开启http防护的情况下,无法上传文件至主机,访问上传接口报错500

Open guclan opened this issue 2 years ago • 4 comments

联系方式

1Panel交流群2 白桦

1Panel 版本

v1.0.5

问题描述

使用openresty开启了https服务代理1panel管控台,并开启下图画红圈的几个功能后,进行docker存储卷目录的文件上传,报错500

image image

image image

重现步骤

无法确认

期待的正确结果

No response

相关日志输出

No response

附加信息

No response

guclan avatar Apr 04 '23 01:04 guclan

经确认,该问题在如下场景发生:

关闭http安全的所有功能后,上传文件功能正常。在开启POST参数校验后,上传文件开始报错。

guclan avatar Apr 04 '23 01:04 guclan

经确认,该问题在如下场景发生:

关闭http安全的所有功能后,上传文件功能正常。在开启POST参数校验后,上传文件开始报错。

其他文件上传有问题吗? waf 拦截日志在 /opt/1panel/apps/openresty/[openrestry_name]/www/sites/[website-name]/log 可以查看一下是哪个 POST 规则拦截的

zhengkunwang223 avatar Apr 04 '23 03:04 zhengkunwang223

经确认,该问题在如下场景发生: 关闭http安全的所有功能后,上传文件功能正常。在开启POST参数校验后,上传文件开始报错。

其他文件上传有问题吗? waf 拦截日志在 /opt/1panel/apps/openresty/[openrestry_name]/www/sites/[website-name]/log 可以查看一下是哪个 POST 规则拦截的

以下是waf日志,经过IP地址脱敏。经测试,多种类型的文件都无法上传:zip pdf jpg sh等。

2023/04/04 14:03:53 [error] 316#316: *1352 lua entry thread aborted: runtime error: /www/common/waf/access.lua:315: http v2 not supported yet stack traceback: coroutine 0: [C]: in function 'socket' /www/common/waf/access.lua:315: in function 'postCheck' /www/common/waf/access.lua:386: in main chunk, client: IP_ADDRESS, server: SERVER_DOMAIN, request: "POST /api/v1/files/chunkupload HTTP/2.0", host: "SERVER_DOMAIN", referrer: "https://SERVER_DOMAIN/hosts/files" 2023/04/04 14:04:00 [error] 316#316: *1352 lua entry thread aborted: runtime error: /www/common/waf/access.lua:315: http v2 not supported yet stack traceback: coroutine 0: [C]: in function 'socket' /www/common/waf/access.lua:315: in function 'postCheck' /www/common/waf/access.lua:386: in main chunk, client: IP_ADDRESS, server: SERVER_DOMAIN, request: "POST /api/v1/files/chunkupload HTTP/2.0", host: "SERVER_DOMAIN", referrer: "https://SERVER_DOMAIN/hosts/files" 2023/04/04 14:04:08 [error] 316#316: *1352 lua entry thread aborted: runtime error: /www/common/waf/access.lua:315: http v2 not supported yet stack traceback: coroutine 0: [C]: in function 'socket' /www/common/waf/access.lua:315: in function 'postCheck' /www/common/waf/access.lua:386: in main chunk, client: IP_ADDRESS, server: SERVER_DOMAIN, request: "POST /api/v1/files/chunkupload HTTP/2.0", host: "SERVER_DOMAIN", referrer: "https://SERVER_DOMAIN/hosts/files"

guclan avatar Apr 04 '23 06:04 guclan

http v2 not supported yet

已经定位到问题了 是 lua 脚本有个方法不支持 http v2 导致的,我们会在后续版本修复这个BUG

zhengkunwang223 avatar Apr 04 '23 07:04 zhengkunwang223

v1.3.0 版本已发布。

wanghe-fit2cloud avatar Jun 08 '23 08:06 wanghe-fit2cloud