search

Mika- / torrent-control

Firefox extension for adding torrents to remote clients.
https://addons.mozilla.org/addon/torrent-control/
179 stars 25 forks source link

JSON.parse error when adding torrent. #172

Closed deafmute1 closed 3 weeks ago

deafmute1 commented 3 weeks ago

Suddenly keep getting this error, have tried from a few different trackers and restarting my client.

Screenshot 2024-10-31 at 18 18 19

Firefox 132.0 (MacOS) Torrent Control 0.2.41 Transmission 4.0.5 (Linux/Docker)

Mika- commented 3 weeks ago

That likely happens when Transmission returns unknown response on login.

Can you include more info about those requests? You can view them by opening debugger (Menu > Addons > Gear icon > Debug Addons > Inspect on Torrent Control) newly made requests show up in the Network tab.

deafmute1 commented 3 weeks ago

That likely happens when Transmission returns unknown response on login.

Can you include more info about those requests? You can view them by opening debugger (Menu > Addons > Gear icon > Debug Addons > Inspect on Torrent Control) newly made requests show up in the Network tab.

This is the error response:

409: Conflict

Your request had an invalid session-id header.

To fix this, follow these steps:

    When reading a response, get its X-Transmission-Session-Id header and remember it
    Add the updated header to your outgoing requests
    When you get this 409 error message, resend your request with the updated header

This requirement has been added to help prevent [CSRF](https://en.wikipedia.org/wiki/Cross-site_request_forgery) attacks.

X-Transmission-Session-Id:

Request Headers:

POST /transmission/rpc HTTP/2
Host: user.bt.l.def.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
content-type: application/json
Content-Length: 66112
Origin: moz-extension://0c0e2c01-c253-4e84-a935-4f960a7484c6
DNT: 1
Sec-GPC: 1
Authorization: Basic 
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=4
TE: trailers

Response headers:

HTTP/2 409 
access-control-allow-origin: *
access-control-expose-headers: X-Transmission-Session-Id
content-type: text/html; charset=ISO-8859-1
date: Thu, 31 Oct 2024 22:20:49 GMT
server: Transmission
x-transmission-session-id: 
content-length: 581
Mika- commented 3 weeks ago

I expect that x-transmission-session-id response header has some value that you redacted? So that looks right. What does the next request look like?

deafmute1 commented 3 weeks ago

Both requests appear to be identical. In the second request, the same response with status 409 is returned. The request headers in the second response do not include a x-transmission-session-id value.

deafmute1 commented 3 weeks ago

Heres the actual content of the request header in the 2nd request, in case I missed something:

POST /transmission/rpc HTTP/2
Host: user.bt.l.def.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
content-type: application/json
Content-Length: 37096
Origin: moz-extension://0c0e2c01-c253-4e84-a935-4f960a7484c6
DNT: 1
Sec-GPC: 1
Authorization: Basic ZGViaWFuOnYzOGJUOVRVckh5VTkzeGtMdnBocVZKNjk=
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=4
Mika- commented 3 weeks ago

Just noticed you have http 2 reverse proxy that causes response header names to be normalized to lower case. Handling that is now fixed in the latest version.

deafmute1 commented 3 weeks ago

All good now! I didn't suspect adding a proxy to be the issue, as I put transmission behind the proxy months ago. Weird that it took this long to cause issues.