My project uses ABP 7 and Blazor and has been published to IIS. The HTTPS certificate has been added successfully, but an error is reported when the website calls the API, saying: Refused to display 'https://api.thisisfortest.site/' in a frame because it set 'X-Frame-Options' to 'sameorigin'. May I ask how to solve it? I tried to add the X-Frame-Options configuration, but it still did not take effect. Do you need to configure anything for the ABP VNET project release?
9 Answer(s)
-
0
Please share the error log, thanks.
-
0
2023-06-27 11:59:28.639 +08:00 [INF] The request URI matched a server endpoint: "Authorization".
2023-06-27 11:59:28.639 +08:00 [INF] The authorization request was successfully extracted: { "client_id": "SGSGlobalPass_Blazor", "redirect_uri": "https://thisisfortest.site/authentication/login-callback", "response_type": "code", "scope": "openid profile SGSGlobalPass roles email phone", "state": "f0f7fec0d12747bcbbf9ecc779c25cba", "code_challenge": "5fxi1Io8Su92yPmY5FOu1LHe-9IdyL8PiNfgzg2u_-s", "code_challenge_method": "S256", "prompt": "none", "response_mode": "query" }.
2023-06-27 11:59:28.640 +08:00 [INF] Client validation failed because 'https://thisisfortest.site/authentication/login-callback' was not a valid redirect_uri for SGSGlobalPass_Blazor.
2023-06-27 11:59:28.640 +08:00 [INF] The authorization request was rejected because the redirect_uri was invalid: 'https://thisisfortest.site/authentication/login-callback'.
2023-06-27 11:59:28.640 +08:00 [INF] Request finished HTTP/1.1 GET https://api.thisisfortest.site/connect/authorize?client_id=SGSGlobalPass_Blazor&redirect_uri=https%3A%2F%2Fthisisfortest.site%2Fauthentication%2Flogin-callback&response_type=code&scope=openid%20profile%20SGSGlobalPass%20roles%20email%20phone&state=f0f7fec0d12747bcbbf9ecc779c25cba&code_challenge=5fxi1Io8Su92yPmY5FOu1LHe-9IdyL8PiNfgzg2u_-s&code_challenge_method=S256&prompt=none&response_mode=query - - - 302 - - 2.5353ms
2023-06-27 11:59:28.820 +08:00 [INF] Request starting HTTP/1.1 GET https://api.thisisfortest.site/Error?httpStatusCode=400 - -
2023-06-27 11:59:28.822 +08:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
2023-06-27 11:59:28.822 +08:00 [INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared).
2023-06-27 11:59:28.823 +08:00 [INF] Executing ViewResult, running view ~/Views/Error/Default.cshtml.
2023-06-27 11:59:28.827 +08:00 [INF] Executed ViewResult - view ~/Views/Error/Default.cshtml executed in 4.1338ms.
2023-06-27 11:59:28.827 +08:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared) in 5.0723ms
2023-06-27 11:59:28.827 +08:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
2023-06-27 11:59:28.828 +08:00 [INF] Request finished HTTP/1.1 GET https://api.thisisfortest.site/Error?httpStatusCode=400 - - - 400 - text/html;+charset=utf-8 8.2332ms
2023-06-27 11:59:38.641 +08:00 [INF] Request starting HTTP/1.1 OPTIONS https://api.thisisfortest.site/api/abp/application-localization?CultureName=en&OnlyDynamics=True&api-version=1.0 - -
2023-06-27 11:59:38.642 +08:00 [INF] CORS policy execution successful.
2023-06-27 11:59:38.642 +08:00 [INF] Request finished HTTP/1.1 OPTIONS https://api.thisisfortest.site/api/abp/application-localization?CultureName=en&OnlyDynamics=True&api-version=1.0 - - - 204 - - 0.6283ms
2023-06-27 11:59:38.815 +08:00 [INF] Request starting HTTP/1.1 GET https://api.thisisfortest.site/api/abp/application-localization?CultureName=en&OnlyDynamics=True&api-version=1.0 - -
2023-06-27 11:59:38.815 +08:00 [INF] CORS policy execution successful.
2023-06-27 11:59:38.818 +08:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
2023-06-27 11:59:38.818 +08:00 [INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationLocalization", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationDto] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationRequestDto) on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController (Volo.Abp.AspNetCore.Mvc).
2023-06-27 11:59:38.824 +08:00 [INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationDto'.
2023-06-27 11:59:38.824 +08:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 5.7762ms
2023-06-27 11:59:38.824 +08:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
2023-06-27 11:59:38.824 +08:00 [INF] Request finished HTTP/1.1 GET https://api.thisisfortest.site/api/abp/application-localization?CultureName=en&OnlyDynamics=True&api-version=1.0 - - - 200 - application/json;+charset=utf-8 9.1058ms
2023-06-27 11:59:39.062 +08:00 [INF] Request starting HTTP/1.1 GET https://api.thisisfortest.site/connect/authorize?client_id=SGSGlobalPass_Blazor&redirect_uri=https%3A%2F%2Fthisisfortest.site%2Fauthentication%2Flogin-callback&response_type=code&scope=openid%20profile%20SGSGlobalPass%20roles%20email%20phone&state=015bb1bf394e4c229b92e93a8beba2a0&code_challenge=_zYJnXk3H6WSCoAeHTRoBAM8RKGv9BTKTJ11BfXPkCw&code_challenge_method=S256&prompt=none&response_mode=query - -
2023-06-27 11:59:39.063 +08:00 [INF] The request URI matched a server endpoint: "Authorization".
2023-06-27 11:59:39.063 +08:00 [INF] The authorization request was successfully extracted: { "client_id": "SGSGlobalPass_Blazor", "redirect_uri": "https://thisisfortest.site/authentication/login-callback", "response_type": "code", "scope": "openid profile SGSGlobalPass roles email phone", "state": "015bb1bf394e4c229b92e93a8beba2a0", "code_challenge": "_zYJnXk3H6WSCoAeHTRoBAM8RKGv9BTKTJ11BfXPkCw", "code_challenge_method": "S256", "prompt": "none", "response_mode": "query" }.
2023-06-27 11:59:39.064 +08:00 [INF] Client validation failed because 'https://thisisfortest.site/authentication/login-callback' was not a valid redirect_uri for SGSGlobalPass_Blazor.
2023-06-27 11:59:39.064 +08:00 [INF] The authorization request was rejected because the redirect_uri was invalid: 'https://thisisfortest.site/authentication/login-callback'.
2023-06-27 11:59:39.064 +08:00 [INF] Request finished HTTP/1.1 GET https://api.thisisfortest.site/connect/authorize?client_id=SGSGlobalPass_Blazor&redirect_uri=https%3A%2F%2Fthisisfortest.site%2Fauthentication%2Flogin-callback&response_type=code&scope=openid%20profile%20SGSGlobalPass%20roles%20email%20phone&state=015bb1bf394e4c229b92e93a8beba2a0&code_challenge=_zYJnXk3H6WSCoAeHTRoBAM8RKGv9BTKTJ11BfXPkCw&code_challenge_method=S256&prompt=none&response_mode=query - - - 302 - - 1.9674ms
2023-06-27 11:59:39.243 +08:00 [INF] Request starting HTTP/1.1 GET https://api.thisisfortest.site/Error?httpStatusCode=400 - -
2023-06-27 11:59:39.245 +08:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
2023-06-27 11:59:39.246 +08:00 [INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared).
2023-06-27 11:59:39.246 +08:00 [INF] Executing ViewResult, running view ~/Views/Error/Default.cshtml.
2023-06-27 11:59:39.250 +08:00 [INF] Executed ViewResult - view ~/Views/Error/Default.cshtml executed in 4.0221ms.
2023-06-27 11:59:39.250 +08:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared) in 4.8544ms
2023-06-27 11:59:39.250 +08:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
2023-06-27 11:59:39.251 +08:00 [INF] Request finished HTTP/1.1 GET https://api.thisisfortest.site/Error?httpStatusCode=400 - - - 400 - text/html;+charset=utf-8 7.8668ms
-
0
In the website, the returned message is: Failed to load resource: the server responded with a status of 400 () Refused to display 'https://api.thisisfortest.site/' in a frame because it set 'X-Frame-Options' to 'sameorigin'. I used two domain names and both were configured with certificates: thisisfortest.site and api.thisisfortest.site.
-
0
Hi,
You can't even log in:
The authorization request was rejected because the redirect_uri was invalid: 'https://thisisfortest.site/authentication/login-callback'.
You can check the document: https://docs.abp.io/en/commercial/latest/guides/identityserver-deployment
This is for IdentityServer, but most of it also works with OpenIddict.
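The check this answer performs by eye, as an added example that is not part of the thread or of ABP/OpenIddict code: it pulls the rejected `redirect_uri` and client out of auth server log lines and names the URL components that differ from what the client has registered. The `REGISTERED` data (including the localhost port) is a constructed assumption, as is the premise that the server compares redirect URIs as exact strings.

```python
import re
from urllib.parse import urlsplit

# Constructed sample, shaped like the auth server log lines quoted in this thread.
SAMPLE_LOG = """\
2023-06-27 11:59:28.640 +08:00 [INF] Client validation failed because 'https://thisisfortest.site/authentication/login-callback' was not a valid redirect_uri for SGSGlobalPass_Blazor.
2023-06-27 11:59:28.828 +08:00 [INF] Request finished HTTP/1.1 GET https://api.thisisfortest.site/Error?httpStatusCode=400 - - - 400 - text/html;+charset=utf-8 8.2332ms
2023-06-27 11:59:39.064 +08:00 [INF] Client validation failed because 'https://thisisfortest.site/authentication/login-callback' was not a valid redirect_uri for SGSGlobalPass_Blazor.
"""

# Hypothetical registration data: redirect URIs the client record might still hold.
REGISTERED = {"SGSGlobalPass_Blazor": ["https://localhost:44307/authentication/login-callback"]}

# Works on one-entry-per-line logs and on entries run together on one line.
REJECTED = re.compile(
    r"Client validation failed because '(?P<uri>[^']+)' "
    r"was not a valid redirect_uri for (?P<client>[\w.-]+?)\.(?=\s|$)"
)

def rejected_redirects(log_text):
    """Return the distinct (client_id, redirect_uri) pairs the server rejected."""
    pairs = []
    for m in REJECTED.finditer(log_text):
        pair = (m.group("client"), m.group("uri"))
        if pair not in pairs:
            pairs.append(pair)
    return pairs

def differing_parts(requested, registered):
    """Name the URL components in which two redirect URIs differ."""
    a, b = urlsplit(requested), urlsplit(registered)
    names = ("scheme", "host", "port", "path", "query")
    left = (a.scheme, a.hostname, a.port, a.path, a.query)
    right = (b.scheme, b.hostname, b.port, b.path, b.query)
    return [n for n, x, y in zip(names, left, right) if x != y]

def explain(log_text, registered):
    """For each rejection, show why every registered URI fails an exact match."""
    report = {}
    for client, uri in rejected_redirects(log_text):
        known = registered.get(client, [])
        report[(client, uri)] = (
            {r: differing_parts(uri, r) for r in known} or "client has no redirect URIs"
        )
    return report

if __name__ == "__main__":
    for key, why in explain(SAMPLE_LOG, REGISTERED).items():
        print(key, "->", why)
```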
-
0
But I have already configured RedirectAllowedUrls in the appsettings.json file and set it to https://thisisfortest.site/authentication/login-callback, and it still reports an error:
Client validation failed because 'https://thisisfortest.site/authentication/login-callback' was not a valid redirect_uri for SGSGlobalPass_Blazor.
2023-06-27 14:58:36.424 +08:00 [INF] The authorization request was rejected because the redirect_uri was invalid:
Here is my configuration information:
"App": {
  "SelfUrl": "https://api.thisisfortest.site",
  "CorsOrigins": "https://*.thisisfortest.site,https://thisisfortest.site",
  "RedirectAllowedUrls": "https://thisisfortest.site/authentication/login-callback,https://api.thisisfortest.site/swagger/oauth2-redirect.html"
}
-
0
Please share the full logs: shiwei.liang@volosoft.com. Both Blazor and Auth server.
-
0
Here the same question: https://support.abp.io/QA/Questions/4439/Refused-to-display-%27httpsauthabccom8443%27-in-a-frame-because-it-set-%27X-Frame-Options%27-to-%27sameorigin%27
I am sure the problem is related to the URI.