Twitter incompatibility

S
Saint
  • 19 May '24
I need some help with a Nginx,. Twitter problem
please open a twitter client x.com
and post this link
https://patrician.org/22a51cfb-7d5b-4a97-a687-a10cd1946766/
and then open a new client and post
https://xlong.org/p/a3622727-4df1-46f3-aee8-ee0a43194906/

in the first case, it's an Apache server, and X pulls the twitter card just fine
in the second, it fails, it posts the link as is, very ugly, no image
both link works, but only Apache allows twitter to work as intended,
pulling image called "twitter:card"

I tried with both on and off versions of
underscores_in_headers on;
ignore_invalid_headers on;

my configuration is:

http {
client_body_buffer_size 150M;
client_max_body_size 150M;
    include       mime.types;
    default_type  'text/html; charset=UTF-8';

#application/octet-stream;

    types {
        # Common video formats
        video/ogg                   ogv;
        video/x-matroska            mkv;
        application/xml             xml;
}

ssl_buffer_size 4k;
ssl_session_cache shared:SSL:1m; # holds approx 4000 sessions
ssl_session_timeout 1h; # 1 hour during which sessions can be re-used.
ssl_session_tickets off;
#ssl_protocols TLSv1.2 TLSv1.3;
sendfile        on;
tcp_nopush     on;
tcp_nodelay     on;
gzip on;
gzip_vary on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml text/javascript
application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
keepalive_timeout  65;
types_hash_max_size 2048;
proxy_headers_hash_max_size 1024;
proxy_headers_hash_bucket_size 128;
server_tokens off;
log_format custom '"$host" $remote_addr - $remote_user [$time_local] '
                        '"$request" $status $body_bytes_sent '
                        '"$http_referer" "$http_user_agent"';

error_log  /var/log/nginx/error.log error;
access_log /var/log/nginx/access.log custom;
underscores_in_headers on;
ignore_invalid_headers on;
J
J
  • 19 May '24
Hello,

On Sun, 19 May 2024 16:47:02 -0400
Saint Michael <venefax at gmail.com> wrote:

> I need some help with a Nginx,. Twitter problem
> please open a twitter client x.com
> and post this link
> https://patrician.org/22a51cfb-7d5b-4a97-a687-a10cd1946766/
> and then open a new client and post
> https://xlong.org/p/a3622727-4df1-46f3-aee8-ee0a43194906/
> 
> in the first case, it's an Apache server, and X pulls the twitter card just fine
> in the second, it fails, it posts the link as is, very ugly, no image
> both link works, but only Apache allows twitter to work as intended,
> pulling image called "twitter:card"

When accessing the new page's twitter:image target image directly I see
the following: 

curl http://ssnode1.minixel.com/p/papel-literario-2.jpg -i
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 19 May 2024 22:07:18 GMT
Content-Type: image/jpeg
Content-Length: 93273
Last-Modified: Mon, 29 Apr 2024 23:52:26 GMT
Connection: keep-alive
ETag: "663032ba-16c59"
Cache-Control:
no-cache,: no-store, must-revalidate
Access-Control-Allow-Origin: *
Pragma: no-cache
Accept-Ranges: bytes
...

A) Cache Control header appears to be malformed, notice it's contents
are in it's own header, and Cache-Control is empty.

B) Twitter actually caches and serves preview image, they do not link
directly to image on your site - perhaps just try removing
Cache-Control header and Pragma: no-cache altogether.

Old version has neither of these issues (see below).

curl -i http://patrician.org/papel-literario-2.jpg -L
HTTP/1.1 301 Moved Permanently
Date: Sun, 19 May 2024 22:11:29 GMT
Server: Apache/2.4.37 (CentOS Stream) OpenSSL/1.1.1k
Location: https://patrician.org/papel-literario-2.jpg
Content-Length: 251
Content-Type: text/html; charset=iso-8859-1

HTTP/1.1 200 OK
Date: Sun, 19 May 2024 22:11:29 GMT
Server: Apache/2.4.37 (CentOS Stream) OpenSSL/1.1.1k
Last-Modified: Sun, 19 May 2024 16:15:57 GMT
ETag: "16c59-618d0e65ae1e3"
Accept-Ranges: bytes
Content-Length: 93273
Content-Type: image/jpeg
...

Old version does also do http->https redirect, although I wouldn't
think lack of that would cause an issue.

Just as an aside you can use twitter card validator here[1] to validate
cards - xlong.org domain's version of page currently shows
"internal server error" for me, old domain passes checks.

[1] https://cards-dev.twitter.com/validator
S
Saint
  • 20 May '24
Fixed, many thanks. I had asked ChatGPT 4o and it could not help.

On Sun, May 19, 2024 at 6:28 PM J Carter <jordanc.carter at outlook.com> wrote:
>
> Hello,
>
> On Sun, 19 May 2024 16:47:02 -0400
> Saint Michael <venefax at gmail.com> wrote:
>
> > I need some help with a Nginx,. Twitter problem
> > please open a twitter client x.com
> > and post this link
> > https://patrician.org/22a51cfb-7d5b-4a97-a687-a10cd1946766/
> > and then open a new client and post
> > https://xlong.org/p/a3622727-4df1-46f3-aee8-ee0a43194906/
> >
> > in the first case, it's an Apache server, and X pulls the twitter card just fine
> > in the second, it fails, it posts the link as is, very ugly, no image
> > both link works, but only Apache allows twitter to work as intended,
> > pulling image called "twitter:card"
>
> When accessing the new page's twitter:image target image directly I see
> the following:
>
> curl http://ssnode1.minixel.com/p/papel-literario-2.jpg -i
> HTTP/1.1 200 OK
> Server: openresty
> Date: Sun, 19 May 2024 22:07:18 GMT
> Content-Type: image/jpeg
> Content-Length: 93273
> Last-Modified: Mon, 29 Apr 2024 23:52:26 GMT
> Connection: keep-alive
> ETag: "663032ba-16c59"
> Cache-Control:
> no-cache,: no-store, must-revalidate
> Access-Control-Allow-Origin: *
> Pragma: no-cache
> Accept-Ranges: bytes
> ...
>
> A) Cache Control header appears to be malformed, notice it's contents
> are in it's own header, and Cache-Control is empty.
>
> B) Twitter actually caches and serves preview image, they do not link
> directly to image on your site - perhaps just try removing
> Cache-Control header and Pragma: no-cache altogether.
>
> Old version has neither of these issues (see below).
>
> curl -i http://patrician.org/papel-literario-2.jpg -L
> HTTP/1.1 301 Moved Permanently
> Date: Sun, 19 May 2024 22:11:29 GMT
> Server: Apache/2.4.37 (CentOS Stream) OpenSSL/1.1.1k
> Location: https://patrician.org/papel-literario-2.jpg
> Content-Length: 251
> Content-Type: text/html; charset=iso-8859-1
>
> HTTP/1.1 200 OK
> Date: Sun, 19 May 2024 22:11:29 GMT
> Server: Apache/2.4.37 (CentOS Stream) OpenSSL/1.1.1k
> Last-Modified: Sun, 19 May 2024 16:15:57 GMT
> ETag: "16c59-618d0e65ae1e3"
> Accept-Ranges: bytes
> Content-Length: 93273
> Content-Type: image/jpeg
> ...
>
> Old version does also do http->https redirect, although I wouldn't
> think lack of that would cause an issue.
>
> Just as an aside you can use twitter card validator here[1] to validate
> cards - xlong.org domain's version of page currently shows
> "internal server error" for me, old domain passes checks.
>
> [1] https://cards-dev.twitter.com/validator
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx
  • Page 1 of 1
Reply