I have a Node.js app running Express.js. The site works fine when requesting: https://mysite.com/ from a browser.
I setup a catch all 404 and log what URL was requested (to see where users are getting confused, etc.). However, I keep getting a 404 log message with the URL https://mysite.com/
Here are more details on the user agent that triggers this:
req.headers[user-agent]: "Google-HTTP-Java-Client/1.17.0-rc (gzip)"
req.route.method : "head"
I think its a Bot requesting a "head" only instead of a "get". Why would a bot do a head request? Should I fix this by allowing responses in express from both head and get?
Related
Environment: Node.js, Express
Question: What is the correct status code for a situation in which a POST request successfully logs out a user and redirects the client to the home page?
Background: I use a POST request to log out clients. At the end of a successful log out I use, return res.redirect('/') to forward the user to the home page.
When I checked the headers in Dev Tools I saw that Express was by default sending a 302 status code. However in my situation I'm not sure if that's right because resources have not been moved temporarily or permanently. When an internal redirect happens due to the normal operation of a server what is the correct status code to send?
Request URL: https://www.example.com/logout
Request Method: POST
Status Code: 302
Remote Address: 1.1.1.1:443
Referrer Policy: strict-origin
Below in the response header it shows
location: /
It's 303 - See other. The "resource" has not been moved because there is no resource to speak of - you're displaying a related page, which is, however, not the representation of the hypothetical "logout resource".
I've two components in my application. A frontend which is built on Angular and backend built using express. I'm using the Nest.js framework in the backend.
I have an http-exception.filter.ts file which takes care of any thrown exception. So far, I've been handling Internal Server Error in the application this way.
if(exception.getStatus() === 500) {
response
.status(500)
.json({
status: '500',
code: 'INTERNAL_SERVER_ERROR',
message: 'Internal Server Error'
});
}
But, now an HTML page has been designed showing Internal Server Error message. All I need to do to render that page is to hit the URL /ui/internal-server-error. So, I tried to that using the code below.
response
.status(500)
.redirect('/ui/internal-server-error');
The page loads when a case of internal server error occurs, but the problem is I'm not getting 500 status when I'm reading the network logs in the browser. Instead, I'm getting 304 Not modified status.
Could anyone please point me in the right direction? I want to show the error page along with status code 500 and the UI page needs to come from Frontend only as I've no access over it.
When redirect is called, it sets the status, so the 500 is replaced.
From the express docs (relevant as NestJS uses Express by default):
Redirects to the URL derived from the specified path, with specified status, a positive integer that corresponds to an HTTP status code . If not specified, status defaults to “302 “Found”.
res.redirect('/foo/bar')
res.redirect('http://example.com')
res.redirect(301, 'http://example.com')
res.redirect('../login')
Add the desired status as an argument to redirect.
So let's start with little info in the beginning.
I have nodejs server side app and client app on angular. I send only get requsts to server app just to read data from database. When i started my apps on local machine they were working pretty well. But when i deployed them to server i got such error : (below in screen)
screen with error from angular
So, i added cors support in server app and add Allow Headers. code in nodejs
But it doesn`t help. When i post "GET" request i get my allow headers in response header and my data that i need in body.
screen with response headers in postman
screen with response body in postman
Server - apache. One interesting thing that server app works good with http protocol and when i am using htttps get this errror error with https
But angular works on https.
I am using ECS for a webapp, and i setup an Error Pages definitions for codes 404 and 502. My current setup returns a static maintenance.html file (hosted on S3) and returns a code of 200. I have to return 200, otherwise Outlook (which hosts my app) will not render the returned html, and show an ugly error page instead.
The problem I'm having with it, is that a later API call from my clientside app to my server, might also return 404. With the current setup, CloudFront intercepts this reply, and returns the maintenance.html with code 200. So now my app doesn't know anything is wrong, and later fails on parsing the reply.
Is there a way to define the Error Pages to only handle specific requests? For my usage, I'd like them to only handle calls to my /static/index.html files. If some other file/API call is actually missing from the server, I'd like my client to get the 404, so it can handle it properly.
So to answer your question according to the documentation I read there is currently no way to do this from cloudfront Error Pages Config.
However, We had a similar problem, but in our case API calls were returning a 500 Error with a s3 custom error html instead of the actual server error that I expected only for API calls.
What we ended up doing in this case was a handler in the back end for 500 errors that would return a response code that we were not using in the cloudfront Error Pages if the request Url had the pattern of API calls (we used http Error Code 406) and then the handler will reply with the 406 response code and the whole error instead of the 500 with the s3 response html only when failed over the api url pattern. I know this does not solve the problem the way you would have like to, but probably you may find it helpful until cloudfront allows a custom error response based in a Path Pattern.
The route uses the DELETE method, which I was able to use in nodejs with the use of the method-override npm package. I can use curl for my GET and POST routes fine, but for the DELETE route in particular, when I change the url from http://localhost:3000/ to http://nameofapp.appspot.com/ in my cURL call, I get a "Error 400 (Bad Request)!!1" in return.
I looked at the route on the dashboard, and it's shown under "client errors" and it shows an error rate of 100% but doesn't give me any more information than that. It is always successful with localhost.
Any ideas??