It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

URL Doesn't match with 'undefined'

I am running Confluence Server 6.15.9 behind an NGINX HTTPS proxy where I access confluence on a subdomain. Most of the functionality of confluence is broken, other than the admin pages. I get a notificaiton on every page that my URL doesn't match, when it does (see screenshot).

Screen Shot 2019-08-30 at 22.21.15.png

There seems to be a bug where something undefined is being caught up in the URL its using to check what I'm using to access Confluence, as seen in the notification.

My NGINX config is:

# wiki.yvr.ecn.io
server {
listen 80;
server_name wiki.yvr.ecn.io;
add_header Strict-Transport-Security max-age=63072000;
return 301 https://$server_name$request_uri;
}

server {
listen 443 ssl;
add_header Strict-Transport-Security max-age=63072000;
ssl_certificate /etc/nginx/certs/wiki.yvr.ecn.io/server.crt;
ssl_certificate_key /etc/nginx/certs/wiki.yvr.ecn.io/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

server_name wiki.yvr.ecn.io;

# Security Headers
add_header Content-Security-Policy "script-src 'self'" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Xss-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer" always;

location / {
client_max_body_size 100m;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8090/;
}

location /synchrony {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8091/synchrony;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}

My server.xml config is:

<Server port="8000" shutdown="SHUTDOWN" debug="0">
<Service name="Tomcat-Standalone">
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
scheme="https" secure="true" proxyName="wiki.yvr.ecn.io" proxyPort="443"/>
<Engine name="Standalone" defaultHost="localhost" debug="0">
<Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
<Context path="" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
<!-- Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
<Manager pathname=""/>
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60"/>
</Context>

<Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" debug="0" reloadable="false" useHttpOnly="true">
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60"/>
</Context>
</Host>
</Engine>
</Service>
</Server>

Why doesn't this work?

2 answers

1 accepted

0 votes
Answer accepted

The issue is with the CSP header, you also need to allow inline and eval.

add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval'" always;
0 votes

Could you restart nginx ? 

and reproduce it on private mode?

I restart NGINX each time I update the config.

Not sure what you mean "private mode" - this isn't a publicly reachable Confluence instance as that domain name shouldn't resolve to anything.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Confluence

How is your team having fun and bonding, remotely, utilizing Confluence?

Thanks everyone for answering last week’s question. The winner of the random drawing from those who commented is: @LarryBrock I’ll contact you separately with your prize details. This wee...

278 views 9 6
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you