Nginx external POST returns 302

Question

I have a server setup with Nginx 1.1.4 + PHP-FPM + APC. On this server a Magento 1.5.1.0 installation is running. What I'm having trouble with is that the callback from the payment provider is a POST and Nginx returns a 302 which makes the callback fail.

This is the config file for Nginx for the site:

server {
    listen 80;
    server_name <domain>;
    root <path to root>;

    if ($host ~* ^([a-z0-9\-]+\.(com|net|org))$) {
            set $host_with_www www.$1;
            rewrite ^(.*)$ http://$host_with_www$1 permanent;
    }

    location / {
            index index.html index.php;
            try_files $uri $uri/ @handler;
            expires 30d;
    }

    location /nginx_status {
            stub_status on;
            access_log   off;
            #allow 127.0.0.1;
            #deny all;
            allow all;
    }

    location /app/ { deny all; }
    location /includes/ { deny all; }
    location /lib/ { deny all; }
    location /media/downloadable/ { deny all; }
    location /pkginfo/ { deny all; }
    location /report/config.xml { deny all; }
    location /var/ { deny all; }

    location /var/export/ {
            auth_basic "Restricted";
            auth_basic_user_file htpasswd;
            autoindex on;
    }

    location /. {
            return 404;
    }

    location @handler {
            rewrite / /index.php;
    }

    location ~ .php/ {
            rewrite ^(.*.php)/ $1 last;
    }

    location ~ .php$ { ## Execute PHP scripts
            if (!-e $request_filename) { rewrite / /index.php last; }

            expires off; ## Do not cache dynamic content
            #fastcgi_pass 127.0.0.1:9000;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param  QUERY_STRING     $query_string;
            fastcgi_param  REQUEST_METHOD   $request_method;
            fastcgi_param  CONTENT_TYPE     $content_type;
            fastcgi_param  CONTENT_LENGTH   $content_length;
            fastcgi_param MAGE_RUN_CODE default;
            fastcgi_param MAGE_RUN_TYPE store;
            fastcgi_buffers 256 16k;
            fastcgi_buffer_size 32k;
            include fastcgi_params; ## See /etc/nginx/fastcgi_params
    }
}

When the callback is made this is what the access log looks like:

85.236.67.1 - - [18/Oct/2011:09:52:03 +0000] "POST /Dibs/Dibs/callback HTTP/1.1" 302 5 "-" "DIBS"

Then the user gets redirected to /Dibs/Dibs/success which works without a problem. I've tried editing the callback-controller to just echo 1; so that nothing is wrong with the code in the function.

Is there a way to never do a 302 redirect on /Dibs/Dibs/callback or am I missing some configuration in Nginx or PHP that doesn't allow an external POST?

Worth mentioning might be that I'm using Vladgh´s installer script found here for NginX, MySQL, PHP (with APC and Suhosin) https://github.com/vladgh/VladGh.com-LEMP. I have this exact same setup on another server where the callback works just fine.

score 1 · Answer 1 · answered Oct 18 '11 at 10:53

1

Probably you are passing callback url to your payment provider without www prepended so it gets redirected by your first rewrite rule. BTW, don't use such rewrite to redirect to www host, use different server {} blocks with different server_name instead, see nginx documentation.

answered Oct 18 '11 at 10:53

AlexD

8,747
2
29
38

No, sorry should've mentioned that. The callback url includes `http://www`. Thank you for the tip on the rewrite, I've updated my configuration that way now. The problem still persists though, and I also tried disabling the forcing of www. – Niklas Modess Oct 18 '11 at 11:37

score 1 · Answer 2 · answered Jan 01 '17 at 16:01

I think your issue isn't with nginx but rather with the PHP application it serves up. On my local machine I do not get a redirect when sending a post request to the test server. Granted it is configured a slightly different from yours but not in a significant way.

server {
    listen 127.0.0.1:80;

    server_name www.test.com;
    root /var/www/test;

    if ($host ~* ^([a-z0-9\-]+\.(com|net|org))$) {
            set $host_with_www www.$1;
            rewrite ^(.*)$ http://$host_with_www$1 permanent;
    }

    location / {
            index index.html index.php;
            try_files $uri $uri/ @handler;
            expires 30d;
    }


    location /app/ { deny all; }
    location /includes/ { deny all; }
    location /lib/ { deny all; }
    location /media/downloadable/ { deny all; }
    location /pkginfo/ { deny all; }
    location /report/config.xml { deny all; }
    location /var/ { deny all; }

    location /var/export/ {
            auth_basic "Restricted";
            auth_basic_user_file htpasswd;
            autoindex on;
    }

    location /. {
            return 404;
    }

    location @handler {
            rewrite / /index.php;
    }

    location ~ .php/ {
            rewrite ^(.*.php)/ $1 last;
    }

    location ~ .php$ { ## Execute PHP scripts
            if (!-e $request_filename) { rewrite / /index.php last; }

                include snippets/fastcgi-php.conf;

                fastcgi_pass php;

    }
}

In the document root I have the following index.php script:

<?php

var_dump($_GET);

echo "<hr>";

if (isset($_POST)) {
        var_dump($_POST);
}

When I construct a post to /Dibs/Dibs/callback I do not get redirected.

curl -d "param1=value1&param2=value2" -X POST "http://127.0.0.1/Dibs/Dibs/callback" -H 'Host: www.test.com'

It is also telling that you are getting two different results with the same nginx configuration, one working and one not. Based on that too I would start looking elsewhere for the cause of the redirect.

Nginx external POST returns 302

2 Answers2