All: I've made some more progress in that when I copy/paste the AJAX URL into my browser's address-bar, the MP3 download request is successfully made and the MP3 is downloaded (opposed to the previous examples when I clicked on the MP3 download link).
Interestingly, the copy/paste method yields an initial 302 response opposed to a 200 response with the click link method. Copy/Paste Method: GET http://example.com/ajax/inc/283544 HTTP/1.1 Host: example.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=k6o4mq4np28bdr6n2g2pbgq190; zvAuth=1; zvLang=0; ZvcurrentVolume=100; nua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F86.0.4240.75%20Safari%2F537.36; asus_token=81G3BJcZjrt06SpsxUrh; _zvBoobs_=%2F%2F_-%29 HTTP/1.1 302 Found Server: nginx/1.19.2 Date: Sun, 08 Nov 2020 14:27:53 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive Set-Cookie: __cfduid=d2f42248bc953328459ea277d77ee62671604845673; expires=Tue, 08-Dec-20 14:27:53 GMT; path=/; domain=.example.com; HttpOnly; SameSite=Lax; Secure Location: http://example.com/download/283544 CF-Cache-Status: DYNAMIC cf-request-id: 0649dab4e200000b6bce8a6000000001 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"; Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SRYrhqPuwCUwe1MPbJ4RGW%2F8yqt4t8UD19zHwUrcNqX94%2FD8VZ6EW1vl2dogVCCaFkeDh3%2BCwogueN4i3K6Gc5SMenGqRg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"report_to":"cf-nel","max_age":604800} CF-RAY: 5eeffa349c0d0b6b-AMS Content-Length: 0 GET http://example.com/download/283544 HTTP/1.1 Host: example.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=k6o4mq4np28bdr6n2g2pbgq190; zvAuth=1; zvLang=0; ZvcurrentVolume=100; nua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F86.0.4240.75%20Safari%2F537.36; asus_token=81G3BJcZjrt06SpsxUrh; _zvBoobs_=%2F%2F_-%29 HTTP/1.1 307 Temporary Redirect Server: nginx/1.19.2 Date: Sun, 08 Nov 2020 14:27:54 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive Set-Cookie: __cfduid=db70304f5ae41939e5d51647d5b3dcc261604845674; expires=Tue, 08-Dec-20 14:27:54 GMT; path=/; domain=.example.com; HttpOnly; SameSite=Lax; Secure X-Robots-Tag: noindex, nofollow X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Set-Cookie: _zvBoobs_=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: _zvBoobs_=%2F%2F_-%29; expires=Mon, 09-Nov-2020 02:27:54 GMT; Max-Age=43200; path=/; domain=.example.com Location: http://st1.example.com/music/9/68/katy_perry_feat._snoop_dogg_-_california_gurls_(mstrkrft_remix_radio)_(zvukoff.ru).mp3?download=force CF-Cache-Status: DYNAMIC cf-request-id: 0649dab7760000faa08984d000000001 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"; Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0RmfU9QT43xEgj9rH4LUrpCFAVXYh6gMubnObVJWjNxnSn4CJl5zkJVoeoD6uoEOkvVzgUOlwy%2F7KbFbat6NF8Qj0b64Ig%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"report_to":"cf-nel","max_age":604800} CF-RAY: 5eeffa38785bfaa0-AMS Content-Length: 0 GET http://st1.example.com/music/9/68/katy_perry_feat._snoop_dogg_-_california_gurls_(mstrkrft_remix_radio)_(zvukoff.ru).mp3?download=force HTTP/1.1 Host: st1.example.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: zvAuth=1; zvLang=0; _zvBoobs_=%2F%2F_-%29 HTTP/1.1 200 OK Server: nginx/1.19.2 Date: Sun, 08 Nov 2020 14:28:00 GMT Content-Type: application/force-download Content-Length: 6634727 Connection: keep-alive Last-Modified: Thu, 26 Jul 2012 13:19:08 GMT ETag: "501143cc-653ce7" Content-Disposition: attachment; filename=katy_perry_feat._snoop_dogg_-_california_gurls_(mstrkrft_remix_radio)_(zvukoff.ru).mp3 Accept-Ranges: bytes Nginx Access Logs (Click Link Method - Fails): 192.168.0.154 - - [08/Nov/2020:14:27:00 +0000] "GET /ajax/inc/283544 HTTP/1.1" 200 94 "http://example.com/mp3/search?keywords=california+gurls"; "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36 Edg/86.0.622.38" Nginx Access Logs (Copy/Paste Method - Success): 192.168.0.154 - - [08/Nov/2020:14:27:53 +0000] "GET /ajax/inc/283544 HTTP/1.1" 302 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36" 192.168.0.154 - - [08/Nov/2020:14:27:54 +0000] "GET /download/283544 HTTP/1.1" 307 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36" 192.168.0.154 - - [08/Nov/2020:14:28:31 +0000] "GET /music/9/68/katy_perry_feat._snoop_dogg_-_california_gurls_(mstrkrft_remix_radio)_(zvukoff.ru).mp3?download=force HTTP/1.1" 200 6634727 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36" I could use an extra set of eyes to review the requests/responses and logs to confirm whether I'm missing something. The Click Link and the Copy/Paste Methods are both going through the Nginx Reverse Proxy. Much Appreciated. Gary Posted at Nginx Forum: https://forum.nginx.org/read.php?2,289905,289916#msg-289916 _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
