search

Rob--W / cors-anywhere

CORS Anywhere is a NodeJS reverse proxy which adds CORS headers to the proxied request.
MIT License
8.66k stars 6.08k forks source link

Proxy server returning a 503 #368

Closed Isuru-Nanayakkara closed 3 years ago

Isuru-Nanayakkara commented 3 years ago

Hello,

I cloned and hosted cors-anywhere server on Heroku. I'm trying to call this API endpoint through it but it keeps returning a 503 Service Unavailable error.

I tried the demo server as well but nothing gets returned.

I have no issues calling other URLs like for example google.com through my heroku instance. Only my endpoint URL is giving me trouble.

Anybody has an idea on why this might be and how to resolve it?

Rob--W commented 3 years ago 
$ curl -vvv 'https://vaccine.covid19.gov.lk/cz-portal-backend-service/api/v1/vsession/list' -H 'Origin:null'
*   Trying 43.224.126.15:443...
22:30:30 * connect to 43.224.126.15 port 443 failed: Connection timed out
* Failed to connect to vaccine.covid19.gov.lk port 443: Connection timed out
* Closing connection 0
curl: (28) Failed to connect to vaccine.covid19.gov.lk port 443: Connection timed out

Looks like the destination server is not reachable. This is not an issue with CORS Anywhere.

Isuru-Nanayakkara commented 3 years ago

hmm that's strange. When I tried it, it worked.

curl -vvv 'https://vaccine.covid19.gov.lk/cz-portal-backend-service/api/v1/vsession/list' -H 'Origin:null'
*   Trying 43.224.126.15...
* TCP_NODELAY set
* Connected to vaccine.covid19.gov.lk (43.224.126.15) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=vaccine.covid19.gov.lk
*  start date: May 18 06:32:38 2021 GMT
*  expire date: Aug 16 06:32:38 2021 GMT
*  subjectAltName: host "vaccine.covid19.gov.lk" matched cert's "vaccine.covid19.gov.lk"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
> GET /cz-portal-backend-service/api/v1/vsession/list HTTP/1.1
> Host: vaccine.covid19.gov.lk
> User-Agent: curl/7.64.1
> Accept: */*
> Origin:null
> 
< HTTP/1.1 200 
< Date: Thu, 15 Jul 2021 03:03:32 GMT
< Content-Type: application/json
< Connection: keep-alive
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: DENY
< Content-Security-Policy: script-script 'self'
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Set-Cookie: TS01c6eae5=0162d085b306444134cb0e3de3e62df909d3ffca6aab69d185a7d9919c6808a5025418df4b6d72e94790b86edd39455c044b50ca31; Path=/; Domain=.vaccine.covid19.gov.lk
< Transfer-Encoding: chunked
< 
[{"date":"2021-07-16"," ...
Rob--W commented 3 years ago

It's possible that the server limits traffic from unexpected IP addresses, e.g. to only allow traffic from your country.

Isuru-Nanayakkara commented 3 years ago

That indeed seems to be the issue. I tried with a VPN and it times out.