我在使用Rails 4构建的网站时遇到了一个奇怪的问题。在开发它时我使用Ngrok测试Stripe webhook,这很好,所以代码应该没问题,但是现在正在制作中我从条纹中得到错误,说它无法连接到webhook。
此外,我想使用Loader.io进行一些压力测试,在addind主机之后,当要求验证他们要求上传到根目录的文件时,它也会因There was an error loading the URL错误而失败
这让我相信我的Nginx配置可能有问题,即使该网站在浏览器中工作正常,我的用户还有北美和欧洲,并且没有任何关于超时或速度慢的抱怨到目前为止,即使它运行在小型VPS上。
这是 Nginx 主机文件:
server {
listen 80;
listen 443 ssl http2;
ssl on;
ssl_certificate /var/lib/acme/live/example.com/fullchain;
ssl_certificate_key /var/lib/acme/live/example.com/privkey;
# Set up preferred secure protocols and ciphers. TLS1.2 is required for HTTP/2
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
root /var/www/example/public;
server_name example.com;
if ($ssl_protocol = "") {
rewrite ^ https://$server_name$request_uri? permanent;
}
client_max_body_size 20M;
passenger_enabled on;
rails_env production;
# For issuing https certificates
location ^~ /.well-known/acme-challenge/ {
alias /var/www/acme-challenge/.well-known/acme-challenge/;
}
location ~* ^/assets/ {
# Per RFC2616 - 1 year maximum expiry
# http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
expires 1y;
add_header Cache-Control public;
# Some browsers still send conditional-GET requests if there's a
# Last-Modified header or an ETag header even if they haven't
# reached the expiry date sent in the Expires header.
add_header Last-Modified "";
add_header ETag "";
break;
}
}
这是Rails部分
路线
match 'stripe/webhook' => 'stripe#webhook', via: [:post, :get], as: :stripe_webhook
控制器
class StripeController < ApplicationController
protect_from_forgery :except => [:subscription, :webhook] #Otherwise the request from Stripe wouldn't make it to the controller
skip_before_action :require_login, only: [:webhook]
def webhook
Stripe.api_key = 'SECRET'
begin
event_json = JSON.parse(request.body.read)
#make sure this is the real deal by verifying the event by fetching it from Stripe
if event.has_key?("id")
event = Stripe::Event.retrieve(event_json["id"])
txt = 'OK'
handle_transaction(event)
else
txt = 'ERROR'
end
render plain: txt, layout: false, status: 200
rescue => e
Rails.logger.info "===================== ERROR ==================="
Rails.logger.info e.inspect
render plain: 'ERROR', layout: false, status: 500
end
end
#rest of the actions and private methods
#(...)
end
知道为什么会这样吗?
答案 0 :(得分:0)
事实证明问题出现在托管服务提供商级别,他们不得不将条带中的IP列入白名单。
如果有人需要,可以找到IP https://stripe.com/files/ips/ips_webhooks.txt。