Re: Apache 403 with API PUT Requests
I switched it this morning to run as it's own VHost, but I also have it using lighttpd + fastcgi now. It worked without a hitch, so I think I'm just going to leave it this way and not bother with apache. A link I found listed a 503 as apache's default response to "PUT" requests, so I was probably running in to that. Thanks for your help! On Wednesday, September 12, 2012 4:11:14 PM UTC-6, Brian Armstrong wrote: > > Yes, it runs a couple things. I think, though, that I'm going to move it > to a different machine where I can run it as it's own vhost, rather than as > a path under the main vhost, and see if that fixes the issues. > > If not, it's probably an apache issue. I mostly just wanted to figure out > if anyone had run into it before. I'll post an update if moving it to a > dedicated vhost makes the difference. > > > On Wednesday, September 12, 2012 3:31:35 PM UTC-6, Christian Hammond wrote: >> >> Is there anything else hosted on that Apache? It is indeed never getting >> to Review Board, and it sounds like something else is taking some ownership >> of that path. >> >> Christian >> >> >> >> On Sep 12, 2012, at 13:17, Brian Armstrong wrote: >> >> The Limit and Script directives are there from attempts to get it to >> work. As far as I can tell, they don't have any effect. I didn't have them >> when I first started getting the error, and - after removing - I still get >> it. I can get the error with or without cookies. When I use curl, I am >> sending along my auth information using '-u', which works just fine with >> POST. >> >> This seems like it is apache throwing the error, not django, but I'm just >> not sure what to do to fix it. >> >> I'm using: >> Firefox 15.0.1 >> ReviewBoard 1.6.11 >> Django 1.3.3 (final) >> Apache/2.2.3 >> Python 2.6.8 >> CentOS release 5.8 (Final) >> SELinux is disabled >> >> URL: >> PUT https://hostsite.com/reviews/api/review-requests/1/draft/ >> >> Request Data: >> api_format=json&description=Updating+description >> >> Request Headers >> Accept application/json, text/javascript, */* >> Accept-Encoding gzip, deflate >> Accept-Language en-us,en;q=0.5 >> Connection keep-alive >> Content-Length 48 >> Content-Type application/x-www-form-urlencoded; charset=UTF-8 >> Cookie rbsessionid=f9e5be5681ed545045d698d53ea4ff9f; (etc) >> DNT 1 >> Host hostsite.com >> Referer https://hostsite.com/reviews/r/1/ >> User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:15.0) >> Gecko/20100101 Firefox/15.0.1 >> X-Requested-With XMLHttpRequest >> >> Response: >> >> >> 403 Forbidden >> >> Forbidden >> You don't have permission to access >> /reviews/api/review-requests/1/draft/ >> on this server. >> >> >> Response Headers >> Connection close >> Content-Encoding gzip >> Content-Length 198 >> Content-Type text/html; charset=iso-8859-1 >> Date Wed, 12 Sep 2012 20:06:53 GMT >> Server Apache/2.2.3 (CentOS) >> Vary Accept-Encoding >> >> >> On Wednesday, September 12, 2012 1:22:31 PM UTC-6, Christian Hammond >> wrote: >>> >>> Hi Brian, >>> >>> Haven't seen that before. Well, first thing that stands out to me is >>> that you shouldn't need the Limit/Script lines, do I'd get rid of them. >>> >>> You can get the 403 if you don't have cookies working right. >>> >>> Which version of Review Board are you using, and which browser? >>> >>> Most browsers have built-in development tools now, and you should be >>> able to see the network activity. Can you find that, bring it up, and then >>> reproduce it? You should be able to see the headers and the >>> request/responses. If you can provide all these, it'd help me narrow it >>> down. >>> >>> Christian >>> >>> >>> >>> On Sep 12, 2012, at 11:24, Brian Armstrong wrote: >>> >>> I am running reviewboard at the "/reviews" url of a server that handles >>> many different things. Whenever I try to edit a review it makes an ajax PUT >>> request to the API to update the item I changed. >>> >>> Here is what the "Server Error Details" shows me >>> >>> *Error Code:* 403 >>> >>> *Error Text:* Forbidden >>> >>> *Request URL:* /reviews/api/review-requests/1/draft/ >>> >>> *Request Data:* summary=Changing+the+summary >>> >>> This is being caused by apache2 (CentOS 5) with mod_wsgi. The only >>> thing I get is an entry in the access log telling me the request was 403'd, >>> nothing else. >>> >>> When using curl, I can get the requests to work every time by using POST >>> instead of PUT. >>> >>> >>> Here is the config section specific to reviewboard >>> >>> WSGIPassAuthorization On >>> WSGIScriptAlias /reviews /var/reviewboard/ >>> rb.dev.qualtrics.com/htdocs/reviewboard.wsgi/reviews >>> >>> AllowOverride All >>> Options -Indexes FollowSymLinks +ExecCGI >>> >>> Order allow,deny >>> Allow from all >>> >>> >>> Allow from all >>> >>> Script PUT /reviews >>> Script DELETE /reviews >>> >>> # Static media for reviewboard >>> Alias /reviews/media /var/reviewboard/rb.dev.qualtrics.com/htdoc
Re: Apache 403 with API PUT Requests
Yes, it runs a couple things. I think, though, that I'm going to move it to a different machine where I can run it as it's own vhost, rather than as a path under the main vhost, and see if that fixes the issues. If not, it's probably an apache issue. I mostly just wanted to figure out if anyone had run into it before. I'll post an update if moving it to a dedicated vhost makes the difference. On Wednesday, September 12, 2012 3:31:35 PM UTC-6, Christian Hammond wrote: > > Is there anything else hosted on that Apache? It is indeed never getting > to Review Board, and it sounds like something else is taking some ownership > of that path. > > Christian > > > > On Sep 12, 2012, at 13:17, Brian Armstrong > > wrote: > > The Limit and Script directives are there from attempts to get it to work. > As far as I can tell, they don't have any effect. I didn't have them when > I first started getting the error, and - after removing - I still get it. > I can get the error with or without cookies. When I use curl, I am > sending along my auth information using '-u', which works just fine with > POST. > > This seems like it is apache throwing the error, not django, but I'm just > not sure what to do to fix it. > > I'm using: > Firefox 15.0.1 > ReviewBoard 1.6.11 > Django 1.3.3 (final) > Apache/2.2.3 > Python 2.6.8 > CentOS release 5.8 (Final) > SELinux is disabled > > URL: > PUT https://hostsite.com/reviews/api/review-requests/1/draft/ > > Request Data: > api_format=json&description=Updating+description > > Request Headers > Accept application/json, text/javascript, */* > Accept-Encoding gzip, deflate > Accept-Language en-us,en;q=0.5 > Connection keep-alive > Content-Length 48 > Content-Type application/x-www-form-urlencoded; charset=UTF-8 > Cookie rbsessionid=f9e5be5681ed545045d698d53ea4ff9f; (etc) > DNT 1 > Host hostsite.com > Referer https://hostsite.com/reviews/r/1/ > User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:15.0) > Gecko/20100101 Firefox/15.0.1 > X-Requested-With XMLHttpRequest > > Response: > > > 403 Forbidden > > Forbidden > You don't have permission to access > /reviews/api/review-requests/1/draft/ > on this server. > > > Response Headers > Connection close > Content-Encoding gzip > Content-Length 198 > Content-Type text/html; charset=iso-8859-1 > Date Wed, 12 Sep 2012 20:06:53 GMT > Server Apache/2.2.3 (CentOS) > Vary Accept-Encoding > > > On Wednesday, September 12, 2012 1:22:31 PM UTC-6, Christian Hammond wrote: >> >> Hi Brian, >> >> Haven't seen that before. Well, first thing that stands out to me is that >> you shouldn't need the Limit/Script lines, do I'd get rid of them. >> >> You can get the 403 if you don't have cookies working right. >> >> Which version of Review Board are you using, and which browser? >> >> Most browsers have built-in development tools now, and you should be able >> to see the network activity. Can you find that, bring it up, and then >> reproduce it? You should be able to see the headers and the >> request/responses. If you can provide all these, it'd help me narrow it >> down. >> >> Christian >> >> >> >> On Sep 12, 2012, at 11:24, Brian Armstrong wrote: >> >> I am running reviewboard at the "/reviews" url of a server that handles >> many different things. Whenever I try to edit a review it makes an ajax PUT >> request to the API to update the item I changed. >> >> Here is what the "Server Error Details" shows me >> >> *Error Code:* 403 >> >> *Error Text:* Forbidden >> >> *Request URL:* /reviews/api/review-requests/1/draft/ >> >> *Request Data:* summary=Changing+the+summary >> >> This is being caused by apache2 (CentOS 5) with mod_wsgi. The only thing >> I get is an entry in the access log telling me the request was 403'd, >> nothing else. >> >> When using curl, I can get the requests to work every time by using POST >> instead of PUT. >> >> >> Here is the config section specific to reviewboard >> >> WSGIPassAuthorization On >> WSGIScriptAlias /reviews /var/reviewboard/ >> rb.dev.qualtrics.com/htdocs/reviewboard.wsgi/reviews >> >> AllowOverride All >> Options -Indexes FollowSymLinks +ExecCGI >> >> Order allow,deny >> Allow from all >> >> >> Allow from all >> >> Script PUT /reviews >> Script DELETE /reviews >> >> # Static media for reviewboard >> Alias /reviews/media /var/reviewboard/rb.dev.qualtrics.com/htdocs/media >> Alias /reviews/errordocs /var/reviewboard/ >> rb.dev.qualtrics.com/htdocs/errordocs >> Alias /reviews/favicon.ico /var/reviewboard/ >> rb.dev.qualtrics.com/htdocs/media/rbcommons/images/favicon.png >> >> I have searched the internet for hours trying to find a solution (since I >> know 403 is the default response to PUT requests with apache), but I >> haven't been able to find anything that works. I haven't been able to find >> anything relevant in this mailing list either. >> >> Wondering if anyone has any insight... >> >> -- >> Want to help the Review Board
Re: Apache 403 with API PUT Requests
Is there anything else hosted on that Apache? It is indeed never getting to Review Board, and it sounds like something else is taking some ownership of that path. Christian On Sep 12, 2012, at 13:17, Brian Armstrong wrote: > The Limit and Script directives are there from attempts to get it to work. > As far as I can tell, they don't have any effect. I didn't have them when I > first started getting the error, and - after removing - I still get it. I > can get the error with or without cookies. When I use curl, I am sending > along my auth information using '-u', which works just fine with POST. > > This seems like it is apache throwing the error, not django, but I'm just not > sure what to do to fix it. > > I'm using: > Firefox 15.0.1 > ReviewBoard 1.6.11 > Django 1.3.3 (final) > Apache/2.2.3 > Python 2.6.8 > CentOS release 5.8 (Final) > SELinux is disabled > > URL: > PUT https://hostsite.com/reviews/api/review-requests/1/draft/ > > Request Data: > api_format=json&description=Updating+description > > Request Headers > Acceptapplication/json, text/javascript, */* > Accept-Encoding gzip, deflate > Accept-Language en-us,en;q=0.5 > Connectionkeep-alive > Content-Length48 > Content-Type application/x-www-form-urlencoded; charset=UTF-8 > Cookierbsessionid=f9e5be5681ed545045d698d53ea4ff9f; (etc) > DNT 1 > Host hostsite.com > Referer https://hostsite.com/reviews/r/1/ > User-AgentMozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:15.0) > Gecko/20100101 Firefox/15.0.1 > X-Requested-With XMLHttpRequest > > Response: > > > 403 Forbidden > > Forbidden > You don't have permission to access /reviews/api/review-requests/1/draft/ > on this server. > > > Response Headers > Connectionclose > Content-Encoding gzip > Content-Length198 > Content-Type text/html; charset=iso-8859-1 > Date Wed, 12 Sep 2012 20:06:53 GMT > ServerApache/2.2.3 (CentOS) > Vary Accept-Encoding > > > On Wednesday, September 12, 2012 1:22:31 PM UTC-6, Christian Hammond wrote: > Hi Brian, > > Haven't seen that before. Well, first thing that stands out to me is that you > shouldn't need the Limit/Script lines, do I'd get rid of them. > > You can get the 403 if you don't have cookies working right. > > Which version of Review Board are you using, and which browser? > > Most browsers have built-in development tools now, and you should be able to > see the network activity. Can you find that, bring it up, and then reproduce > it? You should be able to see the headers and the request/responses. If you > can provide all these, it'd help me narrow it down. > > Christian > > > > On Sep 12, 2012, at 11:24, Brian Armstrong wrote: > >> I am running reviewboard at the "/reviews" url of a server that handles many >> different things. Whenever I try to edit a review it makes an ajax PUT >> request to the API to update the item I changed. >> >> Here is what the "Server Error Details" shows me >> Error Code: 403 >> >> Error Text: Forbidden >> >> Request URL: /reviews/api/review-requests/1/draft/ >> >> Request Data: summary=Changing+the+summary >> >> >> This is being caused by apache2 (CentOS 5) with mod_wsgi. The only thing I >> get is an entry in the access log telling me the request was 403'd, nothing >> else. >> >> When using curl, I can get the requests to work every time by using POST >> instead of PUT. >> >> >> Here is the config section specific to reviewboard >> >> WSGIPassAuthorization On >> WSGIScriptAlias /reviews >> /var/reviewboard/rb.dev.qualtrics.com/htdocs/reviewboard.wsgi/reviews >> >> AllowOverride All >> Options -Indexes FollowSymLinks +ExecCGI >> >> Order allow,deny >> Allow from all >> >> >> Allow from all >> >> Script PUT /reviews >> Script DELETE /reviews >> >> # Static media for reviewboard >> Alias /reviews/media /var/reviewboard/rb.dev.qualtrics.com/htdocs/media >> Alias /reviews/errordocs >> /var/reviewboard/rb.dev.qualtrics.com/htdocs/errordocs >> Alias /reviews/favicon.ico >> /var/reviewboard/rb.dev.qualtrics.com/htdocs/media/rbcommons/images/favicon.png >> >> I have searched the internet for hours trying to find a solution (since I >> know 403 is the default response to PUT requests with apache), but I haven't >> been able to find anything that works. I haven't been able to find anything >> relevant in this mailing list either. >> >> Wondering if anyone has any insight... >> -- >> Want to help the Review Board project? Donate today at >> http://www.reviewboard.org/donate/ >> Happy user? Let us know at http://www.reviewboard.org/users/ >> -~--~~~~--~~--~--~--- >> To unsubscribe from this group, send email to reviewboard...@googlegroups.com >> For more options, visit this group at >> http://groups.google.com/group/reviewboard?hl=en > > -- > Want to help the Review Board project? Donate today at > http://w
Re: Apache 403 with API PUT Requests
The Limit and Script directives are there from attempts to get it to work. As far as I can tell, they don't have any effect. I didn't have them when I first started getting the error, and - after removing - I still get it. I can get the error with or without cookies. When I use curl, I am sending along my auth information using '-u', which works just fine with POST. This seems like it is apache throwing the error, not django, but I'm just not sure what to do to fix it. I'm using: Firefox 15.0.1 ReviewBoard 1.6.11 Django 1.3.3 (final) Apache/2.2.3 Python 2.6.8 CentOS release 5.8 (Final) SELinux is disabled URL: PUT https://hostsite.com/reviews/api/review-requests/1/draft/ Request Data: api_format=json&description=Updating+description Request Headers Accept application/json, text/javascript, */* Accept-Encoding gzip, deflate Accept-Language en-us,en;q=0.5 Connection keep-alive Content-Length 48 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Cookie rbsessionid=f9e5be5681ed545045d698d53ea4ff9f; (etc) DNT 1 Host hostsite.com Referer https://hostsite.com/reviews/r/1/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:15.0) Gecko/20100101 Firefox/15.0.1 X-Requested-With XMLHttpRequest Response: 403 Forbidden Forbidden You don't have permission to access /reviews/api/review-requests/1/draft/ on this server. Response Headers Connection close Content-Encoding gzip Content-Length 198 Content-Type text/html; charset=iso-8859-1 Date Wed, 12 Sep 2012 20:06:53 GMT Server Apache/2.2.3 (CentOS) Vary Accept-Encoding On Wednesday, September 12, 2012 1:22:31 PM UTC-6, Christian Hammond wrote: > > Hi Brian, > > Haven't seen that before. Well, first thing that stands out to me is that > you shouldn't need the Limit/Script lines, do I'd get rid of them. > > You can get the 403 if you don't have cookies working right. > > Which version of Review Board are you using, and which browser? > > Most browsers have built-in development tools now, and you should be able > to see the network activity. Can you find that, bring it up, and then > reproduce it? You should be able to see the headers and the > request/responses. If you can provide all these, it'd help me narrow it > down. > > Christian > > > > On Sep 12, 2012, at 11:24, Brian Armstrong > > wrote: > > I am running reviewboard at the "/reviews" url of a server that handles > many different things. Whenever I try to edit a review it makes an ajax PUT > request to the API to update the item I changed. > > Here is what the "Server Error Details" shows me > > *Error Code:* 403 > > *Error Text:* Forbidden > > *Request URL:* /reviews/api/review-requests/1/draft/ > > *Request Data:* summary=Changing+the+summary > > This is being caused by apache2 (CentOS 5) with mod_wsgi. The only thing > I get is an entry in the access log telling me the request was 403'd, > nothing else. > > When using curl, I can get the requests to work every time by using POST > instead of PUT. > > > Here is the config section specific to reviewboard > > WSGIPassAuthorization On > WSGIScriptAlias /reviews /var/reviewboard/ > rb.dev.qualtrics.com/htdocs/reviewboard.wsgi/reviews > > AllowOverride All > Options -Indexes FollowSymLinks +ExecCGI > > Order allow,deny > Allow from all > > > Allow from all > > Script PUT /reviews > Script DELETE /reviews > > # Static media for reviewboard > Alias /reviews/media /var/reviewboard/rb.dev.qualtrics.com/htdocs/media > Alias /reviews/errordocs /var/reviewboard/ > rb.dev.qualtrics.com/htdocs/errordocs > Alias /reviews/favicon.ico /var/reviewboard/ > rb.dev.qualtrics.com/htdocs/media/rbcommons/images/favicon.png > > I have searched the internet for hours trying to find a solution (since I > know 403 is the default response to PUT requests with apache), but I > haven't been able to find anything that works. I haven't been able to find > anything relevant in this mailing list either. > > Wondering if anyone has any insight... > > -- > Want to help the Review Board project? Donate today at > http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~--~~~~--~~--~--~--- > To unsubscribe from this group, send email to > reviewboard...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/reviewboard?hl=en > > -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
Re: Apache 403 with API PUT Requests
Hi Brian, Haven't seen that before. Well, first thing that stands out to me is that you shouldn't need the Limit/Script lines, do I'd get rid of them. You can get the 403 if you don't have cookies working right. Which version of Review Board are you using, and which browser? Most browsers have built-in development tools now, and you should be able to see the network activity. Can you find that, bring it up, and then reproduce it? You should be able to see the headers and the request/responses. If you can provide all these, it'd help me narrow it down. Christian On Sep 12, 2012, at 11:24, Brian Armstrong wrote: > I am running reviewboard at the "/reviews" url of a server that handles many > different things. Whenever I try to edit a review it makes an ajax PUT > request to the API to update the item I changed. > > Here is what the "Server Error Details" shows me > Error Code: 403 > > Error Text: Forbidden > > Request URL: /reviews/api/review-requests/1/draft/ > > Request Data: summary=Changing+the+summary > > > This is being caused by apache2 (CentOS 5) with mod_wsgi. The only thing I > get is an entry in the access log telling me the request was 403'd, nothing > else. > > When using curl, I can get the requests to work every time by using POST > instead of PUT. > > > Here is the config section specific to reviewboard > > WSGIPassAuthorization On > WSGIScriptAlias /reviews > /var/reviewboard/rb.dev.qualtrics.com/htdocs/reviewboard.wsgi/reviews > > AllowOverride All > Options -Indexes FollowSymLinks +ExecCGI > > Order allow,deny > Allow from all > > > Allow from all > > Script PUT /reviews > Script DELETE /reviews > > # Static media for reviewboard > Alias /reviews/media /var/reviewboard/rb.dev.qualtrics.com/htdocs/media > Alias /reviews/errordocs > /var/reviewboard/rb.dev.qualtrics.com/htdocs/errordocs > Alias /reviews/favicon.ico > /var/reviewboard/rb.dev.qualtrics.com/htdocs/media/rbcommons/images/favicon.png > > I have searched the internet for hours trying to find a solution (since I > know 403 is the default response to PUT requests with apache), but I haven't > been able to find anything that works. I haven't been able to find anything > relevant in this mailing list either. > > Wondering if anyone has any insight... > -- > Want to help the Review Board project? Donate today at > http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~--~~~~--~~--~--~--- > To unsubscribe from this group, send email to > reviewboard+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/reviewboard?hl=en -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
