Log In Register

OpenSprinkler Forums OpenSprinkler Mobile and Web App Weird problem with reverse proxy and Firefox

Viewing 1 post (of 1 total)
  • Author
    Posts
  • February 28, 2025 at 9:09 am #81436

    ipilcher
    Participant

    My OpenSprinkler controller is on an isolated “IoT” network, and I normally access it through an Apache reverse proxy that provides TLS and authentication, as well as hosting a local copy of the web UI files. This all works just fine when I use Google Chrome to access the web UI.

    When I use Firefox, after logging in (to the proxy, not the controller itself), the web page goes into an endless cycle of reloading. The log on the proxy shows repeated requests like "GET /sw.js HTTP/1.1" 304 -.

    Interestingly, Firefox works just fine when I connect directly to the controller over HTTP (using an SSH tunnel to the server on which the proxy runs). This points to some problem with the proxy configuration, but I’m at a complete loss as to what it might be.

    Here is the configuration.

    <VirtualHost 172.31.255.2:443>

        ServerName sprinklers.penurio.us
        DocumentRoot /var/www/opensprinkler
        DirectoryIndex /opensprinkler/
        DirectoryIndexRedirect on

        AddEncoding x-gzip .cgz .jgz
        AddType text/css .cgz
        AddType text/javascript .jgz

        ErrorLog /etc/httpd/logs/sprinklers_error_log
        TransferLog /etc/httpd/logs/sprinklers_access_log
        LogLevel warn

        SSLEngine on
        SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
        SSLHonorCipherOrder on
        SSLCipherSuite PROFILE=SYSTEM
        SSLProxyCipherSuite PROFILE=SYSTEM
        SSLCertificateFile /var/lib/acg/sprinklers.penurio.us.crt
        SSLCertificateKeyFile /etc/pki/tls/private/sprinklers.penurio.us/sprinklers.penurio.us.key

        # These make direct HTTP access to the web UI work
        Header always set Access-Control-Allow-Headers "*"
        Header always set Access-Control-Allow-Origin "*"

        <Location /opensprinkler/>

                ProxyPass http://172.31.252.3/ timeout=1200
                ProxyPassReverse http://172.31.252.3/

                AuthType Basic
                AuthBasicProvider ldap
                AuthName OpenSprinkler
                AuthLDAPUrl ldap://127.0.0.1/cn=users,cn=accounts,dc=penurio,dc=us?uid
                AuthLDAPCompareAsUser on
                Require ldap-group cn=sprinklers,cn=groups,cn=accounts,dc=penurio,dc=us

                # See https://opensprinkler.com/forums/topic/after-android-update-2-3-2-problems/
                Header always set Access-Control-Allow-Headers "*"
                Header always set Access-Control-Allow-Origin "*"

        </Location>

</VirtualHost>

    Anyone have any idea why this might be breaking Firefox (but not Google Chrome)?

  • Author
    Posts
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.

OpenSprinkler Forums OpenSprinkler Mobile and Web App Weird problem with reverse proxy and Firefox