43 lines
3.6 KiB
Markdown
43 lines
3.6 KiB
Markdown
# Debug Session: cdn-backend-unreachable
|
|
|
|
- Status: OPEN
|
|
- Started: 2026-06-20
|
|
- Symptom:
|
|
- After enabling Alibaba Cloud CDN for `ticket.fse-media.group`, ticket price calculation fails.
|
|
- The ticket query page does not display ticket items.
|
|
- Constraints:
|
|
- No business logic changes before runtime evidence.
|
|
- First code change in existing files must be instrumentation only.
|
|
- Hypotheses:
|
|
1. CDN origin/path forwarding for API routes is incorrect.
|
|
2. Frontend requests use relative URLs and now point at the CDN/static origin instead of backend.
|
|
3. Backend CORS or host validation blocks requests from `ticket.fse-media.group`.
|
|
4. HTTPS, certificate, or mixed-content policy blocks API requests.
|
|
- Next steps:
|
|
1. Locate the ticket-order and ticket-query frontend request code.
|
|
2. Identify backend API base URL configuration and deployment assumptions.
|
|
3. Reproduce with browser/network evidence and add instrumentation only if needed.
|
|
- Runtime evidence:
|
|
1. Live check on `https://ticket.fse-media.group/order` shows `GET /api/public/lines`, `GET /api/public/stations`, and `GET /api/public/config` all return `200`.
|
|
2. Live check on `https://ticket.fse-media.group/search` shows `GET /api/public/tickets?q=` and `GET /api/public/popular` succeed, and the ticket list renders 23 rows.
|
|
3. Direct fetch on the live site confirms `/api/public/fares/query?from=HC-01&to=HC-02` returns valid fare data.
|
|
4. Frontend code uses same-origin relative API paths, so CDN did not break API origin resolution itself.
|
|
5. Live responses for `/ticket-order.js`, `/ticket-search.js`, and `/public-status.js` return `Cache-Control: max-age=43200`, while the affected HTML pages reference them without version query parameters.
|
|
- Hypothesis result:
|
|
1. CDN origin/path forwarding for API routes is incorrect: falsified by live `200` responses.
|
|
2. Frontend requests use relative URLs and now point at the wrong origin: falsified by successful same-origin API responses.
|
|
3. Backend CORS or host validation blocks CDN domain: falsified by successful browser fetches from the production page.
|
|
4. HTTPS/certificate/mixed-content issue on API requests: not supported by runtime API evidence.
|
|
- Root cause direction:
|
|
1. The codebase contained many hardcoded `http://ticket.fse-media.group/...` links in public pages and JS.
|
|
2. In a CDN + HTTPS deployment, these hardcoded HTTP jumps can split users onto a different protocol path and create intermittent failures or stale-cache behavior.
|
|
3. The affected public pages loaded critical JS assets without version parameters, while CDN/browser caching allowed 12-hour reuse of older scripts.
|
|
4. The booking page had an independent selection-state bug: after both endpoints were selected, clicking a new station only replaced the destination and never restarted the origin/destination flow, which made fare/path results look "stuck".
|
|
- Fix applied:
|
|
1. Replaced all hardcoded `http://ticket.fse-media.group` links in `web/*.html` and `web/*.js` with `https://ticket.fse-media.group`.
|
|
2. This keeps all public navigation, ticket detail, and token detail links on the same HTTPS/CDN path as the working API requests.
|
|
3. Added explicit version query parameters to the critical scripts in `ticket-order.html` and `ticket-search.html` so the CDN fetches a fresh asset URL after deployment.
|
|
4. Updated `ticket-order.js` so that clicking a new station after a full start/end selection restarts the selection flow and clears stale route highlights.
|
|
- Pending verification:
|
|
1. User to verify ticket price calculation and ticket search list under the CDN domain after redeploy/cache refresh.
|