Question

Вчера я развернул новую версию своего сайта, и мои журналы заполнены

ActionController::InvalidCrossOriginRequest (Security warning: an embedded <script> tag on another site requested protected JavaScript

Я все прочитал и знаю, что это означает, но, видимо, все выглядит нормально и у меня нет никаких функциональных проблем.

Но в моем production.log у меня много ...

F, [2020-05-28T14:02:18.957326 #107534] FATAL -- : [b05e6b05-a63d-49b7-bcc4-d09c192b0115]
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] ActionController::InvalidCrossOriginRequest (Security warning: an embedded <script> tag on another site requested protected JavaScript. If you know what you're doing, go ahead and disable forgery protection on this action to permit cross-origin JavaScript embedding.):
[b05e6b05-a63d-49b7-bcc4-d09c192b0115]
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_controller/metal/request_forgery_protection.rb:268:in `verify_same_origin_request'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/callbacks.rb:429:in `block in make_lambda'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/callbacks.rb:250:in `block in halting'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/callbacks.rb:518:in `block in invoke_after'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/callbacks.rb:518:in `each'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/callbacks.rb:518:in `invoke_after'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/callbacks.rb:136:in `run_callbacks'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/abstract_controller/callbacks.rb:41:in `process_action'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_controller/metal/rescue.rb:22:in `process_action'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_controller/metal/instrumentation.rb:33:in `block in process_action'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/notifications.rb:180:in `block in instrument'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/notifications/instrumenter.rb:24:in `instrument'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/notifications.rb:180:in `instrument'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_controller/metal/instrumentation.rb:32:in `process_action'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_controller/metal/params_wrapper.rb:245:in `process_action'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activerecord (6.0.2.2) lib/active_record/railties/controller_runtime.rb:27:in `process_action'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/abstract_controller/base.rb:136:in `process'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionview (6.0.2.2) lib/action_view/rendering.rb:39:in `process'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_controller/metal.rb:191:in `dispatch'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_controller/metal.rb:252:in `dispatch'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/routing/route_set.rb:51:in `dispatch'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/routing/route_set.rb:33:in `serve'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/journey/router.rb:49:in `block in serve'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/journey/router.rb:32:in `each'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/journey/router.rb:32:in `serve'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/routing/route_set.rb:837:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack-cors (1.1.1) lib/rack/cors.rb:100:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] remotipart (1.4.4) lib/remotipart/middleware.rb:32:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] warden (1.2.8) lib/warden/manager.rb:36:in `block in call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] warden (1.2.8) lib/warden/manager.rb:34:in `catch'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] warden (1.2.8) lib/warden/manager.rb:34:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack (2.0.9) lib/rack/tempfile_reaper.rb:15:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack (2.0.9) lib/rack/etag.rb:25:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack (2.0.9) lib/rack/conditional_get.rb:25:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack (2.0.9) lib/rack/head.rb:12:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/http/content_security_policy.rb:18:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack (2.0.9) lib/rack/session/abstract/id.rb:259:in `context'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack (2.0.9) lib/rack/session/abstract/id.rb:253:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/middleware/cookies.rb:648:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/callbacks.rb:101:in `run_callbacks'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/middleware/callbacks.rb:26:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/middleware/actionable_exceptions.rb:17:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/middleware/debug_exceptions.rb:32:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] railties (6.0.2.2) lib/rails/rack/logger.rb:38:in `call_app'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] railties (6.0.2.2) lib/rails/rack/logger.rb:26:in `block in call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/tagged_logging.rb:80:in `block in tagged'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/tagged_logging.rb:28:in `tagged'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/tagged_logging.rb:80:in `tagged'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] railties (6.0.2.2) lib/rails/rack/logger.rb:26:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/middleware/request_id.rb:27:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack (2.0.9) lib/rack/method_override.rb:22:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack (2.0.9) lib/rack/runtime.rb:22:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] activesupport (6.0.2.2) lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack-rewrite (1.5.1) lib/rack/rewrite.rb:24:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/middleware/executor.rb:14:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] rack (2.0.9) lib/rack/sendfile.rb:111:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] actionpack (6.0.2.2) lib/action_dispatch/middleware/host_authorization.rb:77:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] railties (6.0.2.2) lib/rails/engine.rb:526:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] puma (3.12.4) lib/puma/configuration.rb:227:in `call'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] puma (3.12.4) lib/puma/server.rb:675:in `handle_request'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] puma (3.12.4) lib/puma/server.rb:476:in `process_client'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] puma (3.12.4) lib/puma/server.rb:334:in `block in run'
[b05e6b05-a63d-49b7-bcc4-d09c192b0115] puma (3.12.4) lib/puma/thread_pool.rb:135:in `block in spawn_thread'

Мои журналы полны сообщений о фатальных ошибках. Есть ли способ понять, какой именно защищенный js вызывается и решает проблему, чтобы я мог понять, действительно ли это бот?

ActionController :: InvalidCrossOriginRequest (Предупреждение безопасности: встроенный тег <script>на другом сайте запрошен защищенным JavaScript

Пожалуйста, войдите или зарегистрируйтесь чтобы ответить на этот вопрос.

Ответы [ 0 ]

ActionController :: InvalidCrossOriginRequest (Предупреждение безопасности: встроенный тег <script>на другом сайте запрошен защищенным JavaScript

Пожалуйста, войдите или зарегистрируйтесь чтобы ответить на этот вопрос.

Ответы [ 0 ]

Нет похожих вопросов