Forum

Hi,

I run a simple Rest API on my server and use swagger ui to test it in browser.

If I connect swagger ui local (localhost:80) with my API Server everything works fine (realy fast).

Now I use hiawatha a) for https and b) as a reverse proxy. If I use swagger to test my api with the reverse proxy, I have to wait much longer as without reverse proxy for a result:

My api shows:
192.168.33.94 - - [21/Oct/2018 16:20:38] "OPTIONS /folders/2 HTTP/1.1" 200
192.168.33.94 - - [21/Oct/2018 16:21:10] "GET /folders/2 HTTP/1.1" 200 -

=> 30 secounds between the first OPTIONS-Request and the last GET-Request. Only if I use hiawatha reverse proxy. Do you have an idea why?

Thanks!!!

- Thomas

Has nobody an idea?

Could be a bug in Hiawatha's reverse proxy or a HTTP non-compliancy in swagger while sending a request. Can you see what request swagger sends? (tip: use a network sniffer, like Wireshark).

Hi Hugo,

on the reverse proxy server I used tshark to record the communication.

Here's the file: https://www.dropbox.com/s/wzf7p4lr5a393ee/api6000_via_swagger.png?dl=0

I don't understand realy good the log, so I don't know it's that you need...

- Thomas

That doesn't help me. What I need to see is the HTTP request that causes the delay. I need something that I can use to reproduce the issue at my server.

Hi Hugo,

thanks for your answer!
I hope this is helping: https://www.dropbox.com/sh/medjqaqiugc0ugi/AAAlUN-IoCkqyP_xQJ3qsZSoa?dl=0

If not let me know what I can do...

Thanks!

- Thomas

Here is my reverse proxy configuration:



ConnectionsTotal = 1000
ConnectionsPerIP = 25

# ...

VirtualHost {
Hostname = xyz, www.xyz
ReverseProxy .* http://192.168.95.95:6000 300 keep-alive
WebsiteRoot = /hiawatha/webroot/xyz
StartFile = index.html
AccessLogfile = /hiawatha/log/xyz/access.log
ErrorLogfile = /hiawatha/log/xyz/error.log
TLSCertFile = tls/xyz.pem
}

# ...


- Thomas

What I need to see is the actual HTTP request. Something that looks like this:

GET /file.txt HTTP/1.0
Host: api.domain.tld
User-Agent: mozilla (other browser stuff)

You can verify if that's the request that blocks by using 'telnet api.domain.tld 80' or 'openssl s_client -crlf api.domain.tld:443' and copy-paste that address with an extra enter at the end. If you get a result immediately, it's not the blocking request. After the final enter (you should have an empty line at the end of your input), there should not be a response for several seconds (depending of your TimeForCGI setting).

Hi,
sorry for my late response.
Is this helping you?


1.1 Options-Request:

OPTIONS /folders HTTP/1.1
Host: api.xxxxxxxxxx.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: http://dev.xxxxxxxxxx.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

1.2 Options-Response:

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Allow: HEAD, POST, GET, OPTIONS
Access-Control-Allow-Origin: http://dev.xxxxxxxxxx.de
Access-Control-Allow-Headers: authorization, content-type
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin
Content-Length: 0
Server: ...
Date: Sun, 11 Nov 2018 20:42:19 GMT

2.1 Get-Request

GET /folders HTTP/1.1
Host: api.xxxxxxxxxx.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0
Accept: application/hal+json
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Referer: http://dev.xxxxxxxxxx.de/folders
Content-Type: application/hal+json
Authorization: Bearer eyJhbGciO......v00g
Origin: http://dev.xxxxxxxxxx.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

2.2 Get-Response

HTTP/1.1 200 OK
Content-Type: application/hal+json;utf-8
Content-Length: 49
Access-Control-Allow-Origin: *
Server: xxxxxxxxxx/0.0.1
Date: Sun, 11 Nov 2018 20:42:51 GMT