1. 技术文章
  2. .app domian Apache directive only added to port 80 config not loading - works on other gTLDs

.app domian Apache directive only added to port 80 config not loading - works on other gTLDs

给你一囗甜甜゛ 提交于 2019-12-11 16:57:20

问题


So I have the following settings in my apache http virtualhost :80 config:

<Location "/analytics/">
    ProxyPreserveHost On
    ProxyPass "http://192.168.1.1/"
    ProxyPassReverse "http://192.168.1.1/"
</Location>

This works fine when connecting on http and even applies to https when using a normal gTLD like .com / .org.

But when using this on an .app gTLD the config does not work at all. It seems like because of the forced SSL HTTPS nature of the .app gTLD, its not even loading the Apache :80 config?

Now when I also add the config above to the apache https virtualhost :443 config, then it works fine.

Some questions I have:

  1. I have spent a few hours looking for an answer as to IF you HAVE to apply Location / Directory / Alias directives to both the 80 and 443 configs in Apache? It seems like they work fine when just adding them to 80 most of the time? But not in this .app case, but I cant seem to find what the standard is - do you have to apply these directives to both 80 and 443 or is 80 enough and will 443 then get that from 80?

  2. Why is the setting needed in 443 for .app domains but not for other gTDLs? Is it because browsers are just loading more strictly from the apache server? 443 configs only for .app but less strict for other gTDLs when loading https?

Some of this is being posted for reference for others as I could not find much online about it, but I am also interested in the answers for some of these questions.


回答1:


When you registered your .APP domain your registrar should have (it is mandated by the registry - Google) shown to you a snippet explaining that an "SSL certificate"(sic) is required to make .APP domains work.

Which means that you can do only HTTPS queries and not HTTP queries to server name in this TLD.

Why? Because Google registered the TLD in the HSTS preloading list, which is used by browsers. It makes them never attempt an HTTP query but only HTTPS, for security reasons. You can still configure a web server on port 80 and have a command line client or HTTP library connect to port 80. But mainstream browsers obey the HSTS preloading list and hence will not open a connection to port 80 no matter what you do with them.

You can find details at my answer to the same question here some months ago: https://stackoverflow.com/a/50258651/6368697



来源:https://stackoverflow.com/questions/58390403/app-domian-apache-directive-only-added-to-port-80-config-not-loading-works-on

标签
apache
https
virtualhost
tld
.app
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!