问题描述

所以我在apache http virtualhost:80 config中有以下设置:

So I have the following settings in my apache http virtualhost :80 config:

<Location "/analytics/">
    ProxyPreserveHost On
    ProxyPass "http://192.168.1.1/"
    ProxyPassReverse "http://192.168.1.1/"
</Location>

这在使用http连接时效果很好，甚至在使用.com/.org之类的普通gTLD时甚至适用于https.

This works fine when connecting on http and even applies to https when using a normal gTLD like .com / .org.

但是在.app gTLD上使用此配置时，该配置完全无效.似乎由于.app gTLD的强制SSL HTTPS性质，它甚至没有加载Apache:80配置?

现在，当我还将上述配置添加到apache https virtualhost:443配置时，它也可以正常工作.

Now when I also add the config above to the apache https virtualhost :443 config, then it works fine.

我有一些问题:

1. 我已经花了几个小时寻找答案，如果您必须将Location/Directory/Alias指令同时应用于Apache的80和443配置中?似乎大多数时候仅将它们添加到80个就可以正常工作吗?但是不是在这种.app情况下，但是我似乎无法找到标准是什么-您必须将这些指令同时应用于80和443还是足够用于80，443会从80中获取该指令?

1. I have spent a few hours looking for an answer as to IF you HAVE to apply Location / Directory / Alias directives to both the 80 and 443 configs in Apache? It seems like they work fine when just adding them to 80 most of the time? But not in this .app case, but I cant seem to find what the standard is - do you have to apply these directives to both 80 and 443 or is 80 enough and will 443 then get that from 80?

为什么在443中需要为.app域进行设置，而对于其他gTDL却不需要?是因为浏览器只是从apache服务器更严格地加载吗? 443配置仅适用于.app，但在加载https时对其他gTDL的要求不严格?

Why is the setting needed in 443 for .app domains but not for other gTDLs? Is it because browsers are just loading more strictly from the apache server? 443 configs only for .app but less strict for other gTDLs when loading https?

其中一些正在发布，以供其他人参考，因为我在网上找不到很多，但我也对其中一些问题的答案感兴趣.

Some of this is being posted for reference for others as I could not find much online about it, but I am also interested in the answers for some of these questions.

推荐答案

当您注册您的.APP域时，您的注册服务商应向您显示一个摘录，以说明"SSL证书" (sic)是使.APP域正常工作所必需的.

When you registered your .APP domain your registrar should have (it is mandated by the registry - Google) shown to you a snippet explaining that an "SSL certificate"(sic) is required to make .APP domains work.

这意味着您只能对此TLD中的服务器名称执行HTTPS查询，而不能进行HTTP查询.

Which means that you can do only HTTPS queries and not HTTP queries to server name in this TLD.

为什么?因为Google在TTS预加载列表中注册了TLD，所以浏览器会使用该列表.出于安全原因，这使他们从不尝试HTTP查询，而仅尝试HTTPS.您仍然可以在端口80上配置W​​eb服务器，并使命令行客户端或HTTP库连接到端口80.但是主流浏览器遵循HSTS预加载列表，因此无论您对它们进行任何操作都不会打开与端口80的连接.

Why? Because Google registered the TLD in the HSTS preloading list, which is used by browsers. It makes them never attempt an HTTP query but only HTTPS, for security reasons. You can still configure a web server on port 80 and have a command line client or HTTP library connect to port 80. But mainstream browsers obey the HSTS preloading list and hence will not open a connection to port 80 no matter what you do with them.

几个月前，您可以在我对相同问题的回答中找到详细信息: https://stackoverflow.com/a/50258651/6368697

You can find details at my answer to the same question here some months ago: https://stackoverflow.com/a/50258651/6368697

这篇关于.app domian Apache指令仅添加到端口80配置中，无法加载-在其他gTLD上有效的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！