2

I have a online shop that has creditcard payment with 3Dsecure. When 3D secure navigates back to my site using url example.com/confirmPage/token I get a 405 not allowed from Nginx.

If I visit the page direct from my browser there is no problem also when I refresh the exact same page with the 405 error it loads perfectly fine.

It seems to be related to programmatic redirection to my site from 3DSecure.

Details: Site is hosted in a AWS ECS Cluster which redirects to https so Nginx doesn't have to. Site runs in a Docker container with Nginx

My Nginx config for the site looks like this: 

events {
}
http {
    include  /etc/nginx/mime.types;
    server {
        listen 443 ssl default_server;
        listen [::]:443 ssl default_server;
        server_name example.com *.example.com;
        access_log /var/log/example/access/example.access.log;
        error_log /var/log/example/error/example.error.log;
        ssl_certificate /etc/ssl/certs/example.com.crt;
        ssl_certificate_key /etc/ssl/private/example.com.pem;
        root /usr/share/nginx/html;
        index index.html;

        location / {
            try_files $uri $uri/ /index.html?/$request_uri;
        }
    }
}

This is copied over using a docker file.

Any help would be greatly appreciated.

RFZees
  • 105
  • 1
  • 12
  • 405 means _"method not allowed"_ and it happens when you attempt to use a request method like `POST` for a URL that is only handled by `GET` – Phil Oct 31 '19 at 01:01
  • A typical [Vue Router history-mode rewrite in NGINX](https://router.vuejs.org/guide/essentials/history-mode.html#nginx) looks like `try_files $uri $uri/ /index.html;`. Not sure what's going on in yours – Phil Oct 31 '19 at 01:04
  • @Phil, thank you for the comment. It's however not an API request that is being blocked, and as my question mentions if you simply refresh the same page it works just fine. I think it is due to vue history mode and the location settings in nginx which works just fine when navigating inside the site no problem. but when another page ```ie: 3D secure``` redirects back to the site that it hits the 405. then when I refresh that exact page it works. – RFZees Oct 31 '19 at 10:16
  • @Phil Also the ```try_files $uri $uri/ /index.html;``` like so ---> ```try_files $uri $uri/ /index.html?/$request_uri;``` is included in my post above. This only solves 404 on refresh problems, nost specifically the 405 from a programmatic redirect to my site from the 3D Secure page. – RFZees Oct 31 '19 at 10:18

1 Answers1

-2

My team mates managed to find the fix for this. 

location / {
   error_page 405 = 200 $uri;
   try_files $uri $uri/ /index.html?/$request_uri;
}

405 (Not Allowed) on POST request - Esa Jokinen

RFZees
  • 105
  • 1
  • 12