Rais omniauth implements Google login and works fine in the local environment.
In the server environment (CentOS, Nginx), a 403 error is displayed when a callback is made to the following URL after Google authentication.
403 Forbidden Situation
In the course of our investigation, we found that accessing URLs containing "://" as shown below, regardless of omniauth or Google login, results in similar errors.
I am wondering if there is a security setting for the server that prohibits access including
:// in the query parameters, but if you have any, could you please let me know?
There are no Rails or Nginx error logs or access logs for this issue.
As a result of the investigation, the problem was that the AWS WAF configuration blocked URLs containing
© 2023 OneMinuteCode. All rights reserved.