无法仅通过Safari加载未经授权的资源401 [英] Failed to load resource 401 unauthorized only with Safari

问题描述

我在我的应用程序中发现了一个有趣的问题。

I'm found an interesting problem in my app.

我正在将Rails 3与ruby 2.0一起使用。我已经有一个运行我的应用程序的生产服务器和另一个登台服务器。我正在配置一个更好的新设备，但仅在Safari上有问题。

I'm using Rails 3 with ruby 2.0. I already have a production server where my app is running and another staging server. I'm configuring a new better one but I have a problem only with Safari.

Redirected to http://ip.server/
Completed 302 Found in 201.7ms (ActiveRecord: 0.0ms)
Started GET "/" for my.ip at 2014-10-13 08:17:18 +0200
Processing by DashboardController#index as HTML
Completed 401 Unauthorized in 1.2ms
Started GET "/user/sign_in" for my.ip at 2014-10-13 08:17:18 +0200
Processing by Devise::SessionsController#new as HTML
  Rendered application/_field_errors.html.erb (0.0ms)
  Rendered application/_field_errors.html.erb (0.0ms)
  Rendered devise/sessions/new.html.erb within layouts/devise (2.3ms)
Completed 200 OK in 5.5ms (Views: 3.8ms | ActiveRecord: 0.0ms)

当我检查网络选项卡时，可以看到以下内容：

When I check on the network tab, I can see this:

加载资源失败：服务器响应状态401（未经授权）

Fail to load resource: the server responded with a status of 401 (unauthorized)

一开始我以为我的问题来自Devise，但后来我在Google上进行了检查，发现：
跨浏览器问题

At the beginning I thought my problem came from Devise but then I checked on Google and find that: cross browser problem

我在Chrome上尝试过，它可以正常工作。我也尝试了没有AdBlock或私有导航的情况，但仍然无法在Safari中使用。

I tried on Chrome and it works. I tried also without AdBlock or with the private navigation but it still not working with Safari.

编辑：

我做了2个请求，一个来自Chrome， Safari的第二个。唯一的不同是此行：

I did 2 requests, one coming from Chrome and the second one from Safari. The only difference is this line:

WARNING: Can't verify CSRF token authenticity

编辑2：

我已经评论了这一行我的 ApplicationController.rb 上的 protect_from_forgery ，最后这个错误（关于CSRF）与我的问题无关。

I've commented the line protect_from_forgery on my ApplicationController.rb and finally this error (about CSRF) wasn't responsible for my problem.

在尝试使用Chrome和Safari时，这里出现堆栈。

Here my stacks when I try with Chrome and with Safari.

使用Chrome：

Started POST "/user/sign_in" for my.ip at 2014-10-14 13:27:51 +0200
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"c86MNR4MCSbQWJiAjkGtgfgPMg5YirG1tqf/2vqdBWc=", "user"=>{"email"=>"test@example.com", "password"=>"[FILTERED]", "remember_me"=>"0"}}
User Load (0.4ms)  SELECT `users`.* FROM `users` WHERE `users`.`email` = 'test@example.com' LIMIT 1
(0.1ms)  BEGIN
WARNING: User#current is nil, are you including SentientController on your ApplicationController?
(0.3ms)  UPDATE `users` SET `last_sign_in_at` = '2014-10-14 11:26:45', `current_sign_in_at` = '2014-10-14 11:27:51', `sign_in_count` = 52, `updated_at` = '2014-10-14 11:27:51' WHERE `users`.`type` IN ('User::Admin') AND `users`.`id` = 1
(26.1ms)  COMMIT
Redirected to http://server.ip/
Completed 302 Found in 135.6ms (ActiveRecord: 0.0ms)
Started GET "/" for my.ip at 2014-10-14 13:27:51 +0200
Processing by DashboardController#index as HTML
User Load (0.4ms)  SELECT `users`.* FROM `users` WHERE `users`.`id` = 1 LIMIT 1
server.ip  Rendered dashboard/index.html.erb within layouts/application (2.5ms)
Rendered application/_header.html.slim (57.6ms)
Rendered application/_sidebar.html.erb (48.1ms)
Rendered application/_page_header.html.slim (2.0ms)
Rendered application/_flash_messages.html.erb (0.5ms)
Rendered application/_footer.html.erb (0.8ms)
Completed 200 OK in 137.5ms (Views: 122.9ms | ActiveRecord: 5.1ms)

使用Safari：

Started POST "/user/sign_in" for my.ip at 2014-10-14 13:27:58 +0200
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"TWKhSxus5q46H9sZdEvMnzD52r0zA5phw/Pv7K+NKuY=", "user"=>{"email"=>"test@example.com", "password"=>"[FILTERED]", "remember_me"=>"0"}}
User Load (0.4ms)  SELECT `users`.* FROM `users` WHERE `users`.`email` = 'test@example.com' LIMIT 1
(0.1ms)  BEGIN
(0.3ms)  UPDATE `users` SET `last_sign_in_at` = '2014-10-14 11:27:51', `current_sign_in_at` = '2014-10-14 11:27:58', `sign_in_count` = 53, `updated_at` = '2014-10-14 11:27:58' WHERE `users`.`type` IN ('User::Admin') AND `users`.`id` = 1
(24.8ms)  COMMIT
Redirected to http://server.ip/
Completed 302 Found in 138.2ms (ActiveRecord: 0.0ms)
Started GET "/" for my.ip at 2014-10-14 13:27:58 +0200
Processing by DashboardController#index as HTML
Completed 401 Unauthorized in 1.2ms
Started GET "/user/sign_in" for my.ip at 2014-10-14 13:27:58 +0200
Processing by Devise::SessionsController#new as HTML
Rendered application/_field_errors.html.erb (0.0ms)
Rendered application/_field_errors.html.erb (0.0ms)
Rendered devise/sessions/new.html.erb within layouts/devise (2.2ms)
Completed 200 OK in 5.2ms (Views: 3.7ms | ActiveRecord: 0.0ms)

推荐答案

问题已解决。它根本不是来自我的应用程序，而是来自我的DNS重定向。我对测试进行了简单的Web重定向，却忘记添加DNS重定向。

Problem solved. It was not at all coming from my app but from my DNS redirection. I put an simple web redirection for tests and I forgot to add DNS redirection.

现在一切正常。

我希望这会对其他人有所帮助！

I hope this will help someone else!

这篇关于无法仅通过Safari加载未经授权的资源401的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！