Proxy isn't used when validating Pre-defined Atom

[GISClaes]

Description

Proxy isn't used when validating Pre-defined Atom. It could be the case for other validations as well.

How to reproduce

1. Download inspire-validator ZIP file
2. Extract it's contents
3. Edit etf.webapp.base.url
   1. Open the .war file with an archive tool that supports in place edit
   2. Modify etf.webapp.base.url under "WEB-INF/classes/etf-config.properties"
4. Edit validator/js/config.js
   1. Open file with a text editor
   2. Update URL to match those of the production host
5. Edit validator/js/config.js inside ui.zip
   1. Open ui.zip with an archive tool that supports in place edit
   2. Go to validator/js
   3. Open config.js for edit
   4. Update URL to match those of the production host
6. Build and push the image to your docker repo
7. Deploy/run the container to production host
8. The container fails to download functx, even though we have specified http/https proxy as environment variable for the container. We can verify env-vars are working by using curl inside the container. However this is an issue we can get past by downloading functx ourselves:
   1. Download it yourself from https://files.basex.org/modules/expath/functx-1.0.xar
   2. unzip it inside the container under config/ds/db/repo/http-www.functx.com-1.0
9. Restart the container to make sure it successfully reads the functx package
10. Run tcpdump on production host (outside the container)
    1. tcpdump -i ens192 host inspire.msb.se
11. Run a validation
    1. Browse http://productionhost.domain:8090/validator/test-selection/index.html
    2. Fill out the form:
       1. Select the INSPIRE resource you would like to test
          1. Download Service
       2. Select the Download Service type
          1. Pre-defined Atom
       3. Service URL
          1. https://inspire.msb.se/nedladdning/MSB_TopAtomFeed_APSFR.xml
12. The test will fail pretty much immediately
13. Check console log in your browser and you will see a stacktrace mentioning connection refused (see attached JSON)
14. Running tcpdump on the production host will show that the traffic to inspire.msb.se wasn't sent through configured proxy

We can replicate the connection refused with the following URL:

• https://inspire.msb.se/nedladdning/MSB_TopAtomFeed_APSFR.xml
• https://geodata.naturvardsverket.se/atom/inspire/am/am_omraden_sarskilda_restriktioner_serviceFeed.xml

Let me know if you need any additional information

Versions/software

• Docker Community - 20.10.18
• helpdesk-validator 2022.3
• Red Hat Enterprise Linux release 8.6

[GISClaes]

Here is the full stacktrace for the error attachment-connection_refused.txt

[fabiovinci]

Dear @GISClaes,

we will analyze your problem and let you know if more information is needed.

[GISClaes]

Thanks for looking into this issue @fabiovinci . Has there been any progress? let me know if there is anything I could do/try to help you along with your analysis.

[DanielMartinPerezdeLeon]

Dear @GISClaes

Apologies for the delayed response. We are unable to replicate the issue you've encountered due to a lack of information regarding the proxy configuration utilized on this validator instance.

The inability of this instance to access https://files.basex.org/modules/expath/functx-1.0.xar, coupled with the connection error, suggests that the proxy may be restricting access to certain URLs required by the validator.

Additionally, there might be an issue with the configuration of URLs either in WEB-INF/classes/etf-config.properties or validator/js/config.js.

To assist you further with resolving this issue, could you kindly provide us with more information about the environments being used?

Thank you for your understanding.

Regards,