我们不得不从servicestack v5.4免费版降级到v4.5.14付费版。进行降级编译所需的唯一更改是服务代码中的一行:
v5.4代码:
[FallbackRoute("/{PathInfo*}", Matches="AcceptsHtml")]
v4.5.14代码:
[FallbackRoute("/{PathInfo*}")]
我还没有弄清楚如何在4.5.14中实现'matches'部分,但是该代码似乎仍然可以运行,并且是从VS2017启动时(该服务作为命令行Web服务运行的),但是间歇地进行了无限重定向发生。在应用程序作为Windows服务运行的产品中,无限重定向发生在100%的时间中。
结果是当我访问网址时:
https://server.domain.com:port
仅应将其重定向到:
https://server.domain.com:port/login
这是怎么回事:
https://server.domain.com:9797/login?redirect=https%3a%2f%2fserver.domain.com%3a9797%2flogin%3fredirect%3dhttps%253a%252f%252fserver.domain.com%253a9797%252flogin%253fredirect%253dhttps%25253a%25252f%25252fserver.domain.com%25253a9797%25252flogin%25253fredirect%25253dhttps%2525253a%2525252f%2525252fserver.domain.com%2525253a9797%2525252flogin%2525253fredirect%2525253dhttps%252525253a%252525252f%252525252fserver.domain.com%252525253a9797%252525252flogin%252525253fredirect%252525253dhttps%25252525253a%25252525252f%25252525252fserver.domain.com%25252525253a9797%25252525252flogin%25252525253fredirect%25252525253dhttps%2525252525253a%2525252525252f%2525252525252fserver.domain.com%2525252525253a9797%2525252525252flogin%2525252525253fredirect%2525252525253dhttps%252525252525253a%252525252525252f%252525252525252fserver.domain.com%252525252525253a9797%252525252525252flogin%252525252525253fredirect%252525252525253dhttps%25252525252525253a%25252525252525252f%25252525252525252fserver.domain.com%25252525252525253a9797%25252525252525252flogin%25252525252525253fredirect%25252525252525253dhttps%2525252525252525253a%2525252525252525252f%2525252525252525252fserver.domain.com%2525252525252525253a9797%2525252525252525252flogin%2525252525252525253fredirect%2525252525252525253dhttps%252525252525252525253a%252525252525252525252f%252525252525252525252fserver.domain.com%252525252525252525253a9797%252525252525252525252flogin%252525252525252525253fredirect%252525252525252525253dhttps%25252525252525252525253a%25252525252525252525252f%25252525252525252525252fserver.domain.com%25252525252525252525253a9797%25252525252525252525252flogin%25252525252525252525253fredirect%25252525252525252525253dhttps%2525252525252525252525253a%2525252525252525252525252f%2525252525252525252525252fserver.domain.com%2525252525252525252525253a9797%2525252525252525252525252flogin%2525252525252525252525253fredirect%2525252525252525252525253dhttps%252525252525252525252525253a%252525252525252525252525252f%252525252525252525252525252fserver.petersc
以前有人看过吗?对于从何处开始调试的任何建议,将不胜感激。
更多信息
因此,我尝试从服务中删除Authenticate属性,以查看该循环是否是由Authentication或其他原因引起的。原来是导致循环的身份验证。注释掉该属性后,一切都会按预期进行。
更新
我这个循环肯定是由AuthenticateAttribute引起的。 我注释掉了'url = url.AddQueryParam(...')行,这样我就不会得到一个巨大的垃圾查询字符串,希望可以解决问题。但是看起来其他东西不正确。下面是标题从最初的请求开始。
GET https://myServer.myDomain.com:9797/ HTTP/1.1
Host: myServer.myDomain.com:9797
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ss-pid=qt9Lqb2YvWUu9RzLBlfr
这是响应头
HTTP/1.1 302 Found
Transfer-Encoding: chunked
Location: https://myServer.myDomain.com:9797/login
Vary: Accept
Server: Microsoft-HTTPAPI/2.0
Set-Cookie: ss-pid=kczdbSouUzx6aURug3ZU;path=/;expires=Fri, 01 Apr 2039 21:24:01 GMT;HttpOnly
Set-Cookie: ss-id=nAQeqGptASLQ1fZj4xs7;path=/;HttpOnly
X-Powered-By: ServiceStack/4.514 NET45 Win32NT/.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: Content-Type
Date: Mon, 01 Apr 2019 21:24:01 GMT
第一个请求之后,大约有60个重定向,所有重定向看起来都是这样:
请求:
GET https://myServer.myDomain.com:9797/login HTTP/1.1
Host: myServer.myDomain.com:9797
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ss-pid=kczdbSouUzx6aURug3ZU; ss-id=nAQeqGptASLQ1fZj4xs7
响应:
HTTP/1.1 302 Found
Transfer-Encoding: chunked
Location: https://windows7vm1.petersco.com:9797/login
Vary: Accept
Server: Microsoft-HTTPAPI/2.0
X-Powered-By: ServiceStack/4.514 NET45 Win32NT/.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: Content-Type
Date: Mon, 01 Apr 2019 21:24:01 GMT
我什么也没看到来说明为什么要循环。唯一更改的是ServiceStack的版本,为什么一个版本会找到html页面,而另一个版本却找不到?我需要在v4.5.14中添加一些特殊内容,以使其能够通过index.html进行响应吗?
答案 0 :(得分:0)
所以我不敢相信AuthenticateAttribute会出现这样一个明显的问题,ServiceStack太成熟了,太了不起了,因此这不是一个bug。因此,使用该假设(通常可以安全地假设您是问题的源头,而不是发现其他所有人都漏掉的一个错误的天才),我开始研究路线,并将其与github和SPA上的一些旧样本进行比较。注意到他们都没有定义FallbackRoute。
这对我来说似乎很奇怪,但是由于我不知道该功能最初成为v5。*模板的一部分的历史,我认为删除这些行可能有效。是的。
删除此内容
[FallbackRoute("/{PathInfo*}"]
public class FallbackForClientRoutes
{
public string PathInfo { get; set; }
}
这:
public object Any(FallbackForClientRoutes request) =>
new PageResult(Request.GetPage("/"));
一切都恢复正常,导航至基本URL重定向至〜login,所有api方法均恢复为已验证状态。我已经失去了直接导航到http://myServer.myDomain.com:port/ListCompanies之类的URL的能力...但是我的猜测是,这也与路由有关(因此需要做更多的作业)。