serversideup
NGINX: 405 Method Not allowed when using OPTIONS request to "/" vs "index.php"
Affected Docker Images
*-fpm-nginx
Current Behavior
When an OPTIONS request is made to a URL NOT ending in .php, a "405 Method Not Allowed" is returned.
Expected Behavior
When making an OPTIONS request, it should return a "200".
Steps To Reproduce
- Use the
cores-issuebranch for latest code: https://github.com/jaydrogers/docker-php-test-app/tree/cors-issue - Use
docker compose upto bring up the containers - Test with Insomnia
Request to http://localhost
Result is 405.
Request to http://localhost/index.php
Result is 200.
Host Operating System
N/A
Docker Version
N/A
Anything else?
This issue was originally reported by @zigazajc007 via Discord.
Possible causes
- It could be related to these lines? https://github.com/serversideup/docker-php/blob/main/src/fpm-nginx/etc/nginx/site-opts.d/http.conf#L29:L38
Possible solutions
- http://invalidlogic.com/2011/04/12/serving-static-content-via-post-from-nginx/
- https://stackoverflow.com/questions/24415376/post-request-not-allowed-405-not-allowed-nginx-even-with-headers-included
Hesitations on solutions
It seems these might be quite "hacky". Would love to open this up to the community for further discussion on a stable solution.
Hello,
For my application / needs this solved the issue:
# Have NGINX try searching for PHP files as well
location / {
try_files $uri /index.php?$query_string;
}
So basically when you access / location it will redirect user to index.php with GET parameters included.
To add to this, I did more research to see what the industry is doing.
Digital Ocean acquired an NGINX configuration generator: https://www.digitalocean.com/community/tools/nginx?domains.0.php.phpServer=127.0.0.1%3A9000
In their example, have their config exactly how I have it (which I've seen in many other examples too).
I'm hesitant to remove $uri/ because I am unsure of the "blowback consequences".
Thoughts?
I talked with Andy Dawson from Nginx Community on Slack and here are some screenshots:
https://stackoverflow.com/questions/58003172/nginx-return-405-not-allowed-while-using-try-files-and-proxy-pass/58007153#58007153
Based on some research, this problem has been solved by removing $uri/ from try_files if your application does not require it.
My suggestion is to make another environment variables called something like SINGLE_PAGE_APPLICATION, SINGLE_PAGE_APP, NGINX_SINGLE_PAGE_APP, SPA or NGINX_SPA. If this variable is set to true then conf should look something like this:
# Have NGINX try searching for PHP files as well
location / {
try_files $uri /index.php?$query_string;
}
if it's set to false (Should be by default) then you can leave it like it's now:
# Have NGINX try searching for PHP files as well
location / {
try_files $uri $uri/ /index.php?$query_string;
}
https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/#front-controller-pattern-web-apps
Thank you so much for diving in deep on this and publishing official resources to reference.
I am going to ping @danpastori on this to review, but unfortunately he's quite tied up right now. The next free moment he has I have some Laravel specific questions on why we're not able to experience this issue in Laravel.
We appreciate your patience and dedication to resolving this the right way in an issue that's deep into the web application stack 😃
Possible workaround
In your own image, I wonder if you could try using sed to change that line (like what I do here: https://github.com/serversideup/docker-php/blob/main/src/fpm-nginx/etc/s6-overlay/scripts/debug-nginx#L4)?