Friday, August 31, 2018

URL requested a HTTP redirect, but it could not be followed. - Facebook/Nginx issue

By Hường Hana 12:00 PM , Leave a Comment

I have used Facebooks sharing debugger to highlight an issue on the website

URL requested a HTTP redirect, but it could not be followed.

https://developers.facebook.com/tools/debug/sharing/?q=https%3A%2F%2Fwww.badgerbookings.com

This is also stopping it accepting the url in the privacy policy when creating an app. enter image description here

I have researched and made sure to add all OG meta tags. I also "reduced" down the redirects on my nginx to only support a http > https redirect which to me seems pretty standard.

It still produces the error on both the debugger and the Privacy Policy URL.

My Nginx config:

server_tokens off; #Enables or disables emitting nginx version on error pages and in the “Server” response header field  map $http_upgrade $connection_upgrade {         default upgrade;         '' close; }  server {     listen 80;     server_name _;     return 301 https://www.badgerbookings.com$request_uri; }  server {         server_name www.badgerbookings.com  badgerbookings.com *.badgerbookings.com;          location / {             proxy_pass http://localhost:3000;                 proxy_http_version 1.1;                 proxy_set_header Upgrade $http_upgrade; # allow websockets                 proxy_set_header Connection $connection_upgrade;                 proxy_set_header X-Forwarded-For $remote_addr; # preserve client IP                 proxy_set_header Host $http_host;                 proxy_set_header X-Forward-Proto http;                 proxy_set_header X-Nginx-Proxy true;          }      listen 443 ssl; # managed by Certbot     ssl_certificate /etc/letsencrypt/live/badgerbookings.com-0001/fullchain.pem; # managed by Certbot     ssl_certificate_key /etc/letsencrypt/live/badgerbookings.com-0001/privkey.pem; # managed by Certbot     include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot  }

2 Answers

Answers 1

Go to Facebook Developer's policy page.

Scroll down to this bit:

Privacy Policy

a. Provide a publicly available and easily accessible privacy policy that explains what data you are collecting and how you will use that data.

Now run

curl https://badgerbookings.com/terms

Are you looking at an easily accessible privacy policy which is publicly available at that url?

Answers 2

You maybe having IPv6 issues which can be resolved as simple as adding a listen [::]:443 ssl directive in you SSL server block.

If that doesn't fix it, try redirecting with a matching if directive

if ($scheme != "https") {     return 301 https://www.badgerbookings.com$request_uri }

This is best if you unite both server blocks in one, to avoid more code. Just delete the non-https one and insert port 80 listen directives on the other one as well, with that conditional redirect, this way your code will be even slimmer.

If You Enjoyed This, Take 5 Seconds To Share It

0 comments:

Post a Comment