403 Error on Google Login Callback in Rais' omniauth

Asked 3 months ago, Updated 3 months ago, 12 views

Rais omniauth implements Google login and works fine in the local environment.
In the server environment (CentOS, Nginx), a 403 error is displayed when a callback is made to the following URL after Google authentication.


403 Forbidden Situation

403 Forbidden Situation

In the course of our investigation, we found that accessing URLs containing "://" as shown below, regardless of omniauth or Google login, results in similar errors.


I am wondering if there is a security setting for the server that prohibits access including :// in the query parameters, but if you have any, could you please let me know?

There are no Rails or Nginx error logs or access logs for this issue.


CentOS 7

ruby-on-rails centos nginx security url

2022-09-30 13:55

1 Answers

As a result of the investigation, the problem was that the AWS WAF configuration blocked URLs containing ://.

2022-09-30 13:55

If you have any answers or tips

© 2023 OneMinuteCode. All rights reserved.