CBR can not be read.

[cdamken]

I have Reader (ebook reader) version 1.2.3 and ownCloud 10.0.7

I tried to open a cbr and I only can see:

I don't see anything in the log files:

{"reqId":"BNexXNhr25hLUESpxkjk","level":0,"time":"2018-03-03T11:43:53+01:00","remoteAddr":"10.1.10.38","user":"carlos","app":"no app in context","method":"GET","url":"\/index.php\/apps\/files_reader\/?file=%2Fremote.php%2Fwebdav%2FExternal-Storages%2FExt-Woodstock%2FHome%2520Tierra%2FLas%2520Rubias%2520tomo%25201%2520.cbr&type=application%2Fx-cbr","message":"x: "}
{"reqId":"KogbPjUQ8ODHspvKza5S","level":0,"time":"2018-03-03T11:43:53+01:00","remoteAddr":"10.1.10.38","user":"carlos","app":"no app in context","method":"GET","url":"\/index.php\/apps\/files_reader\/vendor\/icomoon\/style.css?v=1.2.3.0048","message":"x: "}
{"reqId":"NsJtzcsUmRIwPvDtPhsS","level":0,"time":"2018-03-03T11:43:53+01:00","remoteAddr":"10.1.10.38","user":"carlos","app":"no app in context","method":"GET","url":"\/index.php\/apps\/files_reader\/vendor\/cbrjs\/css\/cbr.css?v=1.2.3.0048","message":"x: "}
{"reqId":"tZr6DBGz1r5DGVG6rM3E","level":0,"time":"2018-03-03T11:43:53+01:00","remoteAddr":"10.1.10.38","user":"carlos","app":"no app in context","method":"GET","url":"\/index.php\/apps\/files\/","message":"x: "}
{"reqId":"fm5MVwhUhW0vTBZLeF9b","level":0,"time":"2018-03-03T11:43:53+01:00","remoteAddr":"10.1.10.38","user":"carlos","app":"no app in context","method":"GET","url":"\/index.php\/apps\/files\/","message":"x: "}
{"reqId":"VlNlC97V0w5a4slxhrDS","level":1,"time":"2018-03-03T11:43:54+01:00","remoteAddr":"10.1.10.38","user":"carlos","app":"admin_audit","method":"GET","url":"\/remote.php\/webdav\/External-Storages\/Ext-Woodstock\/Home%20Tierra\/Las%20Rubias%20tomo%201%20.cbr","message":"Read \"\/carlos\/files\/External-Storages\/Ext-Woodstock\/Home Tierra\/Las Rubias tomo 1 .cbr\" with fileid: 3430470 by user <carlos>, displayName <Carlos Damken>, owner: carlos [CLIENT_IP: 10.1.10.38] [USER_AGENT: Mozilla\/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko\/20100101 Firefox\/58.0]"}
{"reqId":"R3KcrGWCdEHxEF5FSCD9","level":0,"time":"2018-03-03T11:43:54+01:00","remoteAddr":"10.1.10.38","user":"carlos","app":"no app in context","method":"GET","url":"\/index.php\/apps\/files_reader\/vendor\/bitjs\/archive\/unrar.js","message":"x: "}
{"reqId":"1OefKtLCPAayvaBGPwsu","level":0,"time":"2018-03-03T11:43:54+01:00","remoteAddr":"10.1.10.38","user":"carlos","app":"no app in context","method":"GET","url":"\/index.php\/apps\/files\/","message":"x: "}

The files is in a SMB/WND Share (if that helps)

[Yetangitu]

Please check your webserver configuration, this looks to be the same problem as described in https://github.com/Yetangitu/owncloud-apps/issues/58#issuecomment-359545267

[cdamken]

The webserver looks fine, I can open collabora and other applications

I can open with the Reader (ebook reader) PDFs and EPUBs without problems.

I saw that SMB/WND is not the problem other files can be opened with the reader.

[Yetangitu]

Can you open CBx when it is not on a shared folder?

Can you open the same CBR when it is not on a shared folder?

Do you use 'pretty URLs', i.e. do your URLs include 'index.php' (in which case you're not using 'pretty URLs') or not?

Do you see anything in the console.log (use 'Inspect' in your browser) which could be related? These problems often seem to be related to CSP settings, in which case you should see messages about resources not being loaded due to CSP settings.

[cdamken]

Can you open CBx when it is not on a shared folder? Can you open the same CBR when it is not on a shared folder?

No, I can't open any of the cbr files in any local folder or shared folder.

Do you use 'pretty URLs', i.e. do your URLs include 'index.php' (in which case you're not using 'pretty URLs') or not?

I'm using the standard URL, with index.php, I don't want to rewrite the base Url.:

https://cloud.damken.com/index.php/apps/files/?dir=/_Personal/Libros%20y%20Audiolibros/_English/Sin%20City%20Comics/A%20Dame%20To%20Kill%20for&fileid=158439

Do you see anything in the console.log (use 'Inspect' in your browser) which could be related? These problems often seem to be related to CSP settings, in which case you should see messages about resources not being loaded due to CSP settings.

Refused to apply style from 'https://cloud.damken.com/index.php/apps/files/' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
ready.js?v=1.2.3.0048:28 /apps/files_reader/
cloud.damken.com/:1 Refused to execute script from 'https://cloud.damken.com/index.php/apps/files/' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
archive.js?v=1.2.3.0048:255 Worker error: message = undefined
archive.js?v=1.2.3.0048:256 Uncaught Event {isTrusted: true, type: "error", target: Worker, currentTarget: Worker, eventPhase: 2, …}bubbles: falsecancelBubble: falsecancelable: truecomposed: falsecurrentTarget: Workeronerror: ƒ (e)onmessage: ƒ (e)__proto__: WorkerdefaultPrevented: falseeventPhase: 0isTrusted: truepath: Array(0)length: 0__proto__: Array(0)returnValue: truesrcElement: Workeronerror: ƒ (e)onmessage: ƒ (e)__proto__: Workertarget: Worker {onmessage: ƒ, onerror: ƒ}timeStamp: 1431.4999999915017type: "error"__proto__: Event
worker_.onerror @ archive.js?v=1.2.3.0048:256

[Yetangitu]

This is a problem between your server and your browser, not in Reader. You're using Chrome or Chromium with strict mime checking enabled (as gleaned from those ... is ...., and strict MIME type checking is enabled. lines). Something is causing your server to send the wrong mime type for all kinds of files - possibly due to redirection or the use of some caching server - which causes Chrome|Chromium to refuse to run the script. No script, no renderer, no Reader...

Try to shift-reload the page to bypass the cache, does that work? See https://github.com/GoogleChromeLabs/sw-precache/issues/180 for a similar problem in a totally unrelated project.

Try again with the inspector open on the Network tab. Attempt to load a CBx file, select archive.js in the list of loaded resources, in the Header tab look for the Status Code in General and the content-type in Response Headers. Of course content-type should be set to application/javascript, not text/html as you seem to be getting. For reference, here is what it looks like on a working installation:

General:
   Request URL:https://example.org/apps/files_reader/vendor/bitjs/archive/archive.js?v=1.2.3.0048
   Request Method:GET
   Status Code:200  (from disk cache)
   Remote Address:192.168.1.2:443
   Referrer Policy:no-referrer-when-downgrade

Response Headers:
   accept-ranges:bytes
   cache-control:public, max-age=7200
   content-length:8303
   content-type:application/javascript
   date:Sat, 03 Mar 2018 21:12:42 GMT
   etag:"58d6b9cf-206f"
   last-modified:Sat, 25 Mar 2017 18:41:19 GMT
   server:nginx/1.10.2
   status:200
   x-content-type-options:nosniff
   x-download-options:noopen
   x-frame-options:SAMEORIGIN
   x-permitted-cross-domain-policies:none
   x-robots-tag:none
   x-xss-protection:1; mode=block

Another thing to try is to check Disable cache (on top of the Network tab) and reload the page, select the CBx again and try to open it.

[cdamken]

I tried with Firefox and Chrome, I just gave you the output from Chrome .

Here is From Firefox:

Archive.js: Status 200

Content-Type
application/javascript

Request Header

GET /apps/files_reader/vendor/bitjs/archive/archive.js?v=1.2.3.0048 HTTP/1.1
Host: cloud.damken.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.damken.com/index.php/apps/files_reader/?file=%2Fremote.php%2Fwebdav%2F_Personal%2FLibros%2520y%2520Audiolibros%2F_English%2FSin%2520City%2520Comics%2FSin%2520City%2520(Violent%2520Marv)%2FSin%2520City%2520-%2520Episode%252001.cbr&type=application%2Fx-cbr
Cookie: ocuhsyihz2sp=jcmmqbc88lfc5bt3dqmdseqa11; oc_sessionPassphrase=rxDkjFhkoEGvVDqtsSKqVvU%2BzoElP0lafJILl7c2Ush9MVs99YDK2%2B6c8Epv1PAjB0shiwqFFZ3FKgqn8YQ3F10K7e0vq7NGMJoPNnLRGgUhkwkosG0Wi%2BEJgZY0WbVq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Response Header
HTTP/1.1 200 OK
Date: Sat, 03 Mar 2018 22:07:28 GMT
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Last-Modified: Sun, 25 Feb 2018 16:51:08 GMT
ETag: "206f-5660c3337b990-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Cache-Control: max-age=15778463
Content-Length: 2146
Keep-Alive: timeout=200, max=185
Connection: Keep-Alive
Content-Type: application/javascript

I get 3 errors 302:

Request Header
GET /index.php/apps/files_reader/vendor/icomoon/style.css?v=1.2.3.0048 HTTP/1.1
Host: cloud.damken.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.damken.com/index.php/apps/files_reader/?file=%2Fremote.php%2Fwebdav%2F_Personal%2FLibros%2520y%2520Audiolibros%2F_English%2FSin%2520City%2520Comics%2FSin%2520City%2520(Violent%2520Marv)%2FSin%2520City%2520-%2520Episode%252001.cbr&type=application%2Fx-cbr
Cookie: ocuhsyihz2sp=jcmmqbc88lfc5bt3dqmdseqa11; oc_sessionPassphrase=rxDkjFhkoEGvVDqtsSKqVvU%2BzoElP0lafJILl7c2Ush9MVs99YDK2%2B6c8Epv1PAjB0shiwqFFZ3FKgqn8YQ3F10K7e0vq7NGMJoPNnLRGgUhkwkosG0Wi%2BEJgZY0WbVq
Connection: keep-alive

Response Header
HTTP/1.1 302 Found
Date: Sat, 03 Mar 2018 21:33:12 GMT
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *
Location: https://cloud.damken.com/index.php/apps/files/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Length: 0
Keep-Alive: timeout=200, max=138
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Request Header
GET /index.php/apps/files_reader/vendor/cbrjs/css/cbr.css?v=1.2.3.0048 HTTP/1.1
Host: cloud.damken.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.damken.com/index.php/apps/files_reader/?file=%2Fremote.php%2Fwebdav%2F_Personal%2FLibros%2520y%2520Audiolibros%2F_English%2FSin%2520City%2520Comics%2FSin%2520City%2520(Violent%2520Marv)%2FSin%2520City%2520-%2520Episode%252001.cbr&type=application%2Fx-cbr
Cookie: ocuhsyihz2sp=jcmmqbc88lfc5bt3dqmdseqa11; oc_sessionPassphrase=rxDkjFhkoEGvVDqtsSKqVvU%2BzoElP0lafJILl7c2Ush9MVs99YDK2%2B6c8Epv1PAjB0shiwqFFZ3FKgqn8YQ3F10K7e0vq7NGMJoPNnLRGgUhkwkosG0Wi%2BEJgZY0WbVq
Connection: keep-alive

Response Header
HTTP/1.1 302 Found
Date: Sat, 03 Mar 2018 21:33:12 GMT
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *
Location: https://cloud.damken.com/index.php/apps/files/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Length: 0
Keep-Alive: timeout=200, max=139
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Request Header
GET /index.php/apps/files_reader/vendor/bitjs/archive/unrar.js HTTP/1.1
Host: cloud.damken.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloud.damken.com/index.php/apps/files_reader/?file=%2Fremote.php%2Fwebdav%2F_Personal%2FLibros%2520y%2520Audiolibros%2F_English%2FSin%2520City%2520Comics%2FSin%2520City%2520(Violent%2520Marv)%2FSin%2520City%2520-%2520Episode%252001.cbr&type=application%2Fx-cbr
Cookie: ocuhsyihz2sp=jcmmqbc88lfc5bt3dqmdseqa11; oc_sessionPassphrase=rxDkjFhkoEGvVDqtsSKqVvU%2BzoElP0lafJILl7c2Ush9MVs99YDK2%2B6c8Epv1PAjB0shiwqFFZ3FKgqn8YQ3F10K7e0vq7NGMJoPNnLRGgUhkwkosG0Wi%2BEJgZY0WbVq
Connection: keep-alive

Response Header
HTTP/1.1 302 Found
Date: Sat, 03 Mar 2018 21:33:13 GMT
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *
Location: https://cloud.damken.com/index.php/apps/files/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Length: 0
Keep-Alive: timeout=200, max=134
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

[Yetangitu]

302 is not an error, it indicates a redirect. In your case the redirect goes to Location: https://cloud.damken.com/index.php/apps/files/ for all three files style.css, cbr.css and unrar.js. This default redirect to the files app usually happens when something is misconfigured as indeed it seems to be here: the successful request to archive.js uses a 'pretty URL' while the failing requests to style.css, cbr.css and unrar.js don't (they include index.php in the path). This is... weird... given that you state not to use 'pretty urls'. The request to archive.js is generated through the NC/OC urlGenerator function while the other three are just straight relative urls. Clearly the urlGenerator seems to assume that you are using pretty urls. It looks at two things to determine this, check NC_ROOT/lib/private/URLGenerator.php (function linkTo()) for the used logic. You can force it to not use 'pretty urls' in Apache (which seems to be what you're using) by setting the system value htaccess.IgnoreFrontController to true, either by editing config.php by hand or by issuing the following command:

sudo -u www-data occ config:system:set --type boolean --value true htaccess.IgnoreFrontController
sudo -u www-data occ maintenance:update:htaccess

where www-data is the user under which Apache runs. Issue this command from within your Nextcloud directory.

The reason why these problems started cropping up is that NC/OC now include a hard-coded CSP directive which sets base-uri to none. Before this was the case Reader set the base-uri to whatever was produced by the urlGeneator which ensured that all relative requests worked even in the presence of faulty 'pretty url' rewriting logic. Now that this is no longer possible Reader (and other apps which request resources through relative urls) is at the mercy of whatever the 'pretty url' rewriting logic does. In your case this seems to fail as it works for 'pretty' urls but not for 'non-pretty' urls.

[cdamken]

where www-data is the user under which Apache runs. Issue this command from within your Nextcloud directory.

I only use ownCloud

[cdamken]

I tried to add in the config.php:

  'htaccess.IgnoreFrontController' => true,

But there are no changes

[Yetangitu]

Did you also update .htaccess through the second command sudo -u www-data occ maintenance:update:htaccess?

As far as Nextcloud versus Owncloud is concerned there are no differences (yet) in this respect.

[cdamken]

Yes, I did the occ maintenance:update:htaccess, but no changes happened

[Yetangitu]

Not occ update but occ maintenance:update:htaccess.

Can you access those files which resulted in 302 redirects manually? Try to access your.domain.name/index.php/apps/files_reader/vendor/bitjs/archive/unrar.js in a browser, does it work? What about your.domain.name/apps/files_reader/vendor/bitjs/archive/unrar.js, does that work?

[cdamken]

GET /index.php/apps/files_reader/vendor/bitjs/archive/unrar.js HTTP/1.1
Host: cloud.damken.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cookie: ocuhsyihz2sp=non8ociqbbms38muu01nm50gk3; oc_sessionPassphrase=91qXKTwEYe%2Bm3dkOoqIQLrZ55sdTHn0R%2BsWaxN92Qg7PbYa3Oxj9OTlx54aYstWTNHJ8viQ8Vd5P2rSMglNbnxMF3x2qNSLQAvREUspBrjaKviHd%2B%2FHHsHkiF3O5TyXT
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sun, 04 Mar 2018 00:40:28 GMT
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *
Location: https://cloud.damken.com/index.php/apps/files/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Length: 0
Keep-Alive: timeout=200, max=136
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

[Yetangitu]

Try without index.php: your.domain.name/apps/files_reader/vendor/bitjs/archive/unrar.js

[cdamken]

root@snoopy3:/var/www/owncloud/config# curl -I https://cloud.damken.com/index.php/apps/files_reader/vendor/bitjs/archive/unrar.js
HTTP/1.1 302 Found
Date: Sun, 04 Mar 2018 00:45:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Set-Cookie: ocuhsyihz2sp=fr1fo1q6vuk5cjojmm6rnnic05; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: oc_sessionPassphrase=EWmEpzxP9yjmn96k0EI8lbJpNeISr4DxJVUUlIue4PkXkdeZMqlFoD%2FB7vbidwGxTgfTD6LZ7%2FxYTmkVr2qjmz1DU0y2g25Hl8YvWAcJdRuFtj%2Fnz%2FZFc2bjKIA0Xwmh; path=/; secure; HttpOnly
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *
Location: https://cloud.damken.com/index.php/login
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Type: text/html; charset=UTF-8

root@snoopy3:/var/www/owncloud/config# curl -I https://cloud.damken.com/apps/files_reader/vendor/bitjs/archive/unrar.js
HTTP/1.1 200 OK
Date: Sun, 04 Mar 2018 00:46:14 GMT
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Last-Modified: Sun, 25 Feb 2018 16:51:08 GMT
ETag: "15920-5660c3337b990"
Accept-Ranges: bytes
Content-Length: 88352
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Cache-Control: max-age=15778463
Content-Type: application/javascript

[Yetangitu]

Try to access https://cloud.damken.com/ and see what you get...

[cdamken]

redirects me immediately to https://cloud.damken.com/index.php/login

[cdamken]

let me try over curl

[cdamken]

root@snoopy3:/etc/apache2/sites-enabled# curl -I https://cloud.damken.com
HTTP/1.1 302 Found
Date: Sun, 04 Mar 2018 00:52:42 GMT
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Set-Cookie: ocuhsyihz2sp=1eso5h20ci1lqvag1vv8r8hqq1; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: oc_sessionPassphrase=rFeO3TmSTcYfSN9Wbef1cakJtuYJ%2FEE2WJzNEPO9Kl1PtsidPLK3C5M4bYz25eLyUgjFotzkGHhdeefziTHzzH5H8LsgDjn4BBSaC%2F5sp4SrisJctDeFgI%2BDsFkgb4Ke; path=/; secure; HttpOnly
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *
Location: https://cloud.damken.com/index.php/login
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Type: text/html; charset=UTF-8

[Yetangitu]

There is some problem with the way urls are handled on your server, leading to these results. Check this page:

https://doc.owncloud.org/server/10.0/admin_manual/configuration_server/index_php_less_urls.html

...for more information on how to enable 'pretty urls'. You can either try to enable them and see if it works, or try to disable any lingering rewrite logic. You installation currently seems to be rewriting some urls but not others, something which in combination with the hard-coded base-uri:none directive in the AppFramework causes problems for apps using relative urls.

I'd try to enable them as this is more or less becoming the norm.

[cdamken]

I don't want to disable the index.php, that is only optional

[cdamken]

the only problem is with the cbr.

the pdf and epub are working fine.

as I said, all other apps follow the index.php redirect.

[Yetangitu]

Try the following workaround:

diff --git a/files_reader/templates/cbreader.php b/files_reader/templates/cbreader.php
index 24bac88..9bb2d6a 100644
--- a/files_reader/templates/cbreader.php
+++ b/files_reader/templates/cbreader.php
@@ -32,13 +32,13 @@
         <meta charset="utf-8">
         <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
         <meta name="apple-mobile-web-app-capable" content="yes">
-        <!-- <base href="<?php p($urlGenerator->linkTo('files_reader',''));?>"> -->
+        <base href="<?php p($urlGenerator->linkTo('files_reader',''));?>">
         <title>
             <?php p($title);?>
         </title>
         <link rel="shortcut icon" href="img/book.png">
-        <link rel="stylesheet" href="vendor/icomoon/style.css?v=<?php p($version) ?>">
-        <link rel="stylesheet" href="vendor/cbrjs/css/cbr.css?v=<?php p($version) ?>">
+        <link rel="stylesheet" href="<?php p($urlGenerator->linkTo('files_reader', 'vendor/icomoon/style.css')) ?>?v=<?php p($version) ?>">
+        <link rel="stylesheet" href="<?php p($urlGenerator->linkTo('files_reader', 'vendor/cbrjs/css/cbr.css')) ?>?v=<?php p($version) ?>">
         <script type="text/javascript" nonce="<?php p($nonce) ?>" src="<?php p($urlGenerator->linkTo('files_reader', 'js/lib/Blob.js')) ?>?v=<?php p($version) ?>"> </script>
         <script type="text/javascript" nonce="<?php p($nonce) ?>" src="<?php p($urlGenerator->linkTo('files_reader', 'vendor/epubjs/libs/jquery.min.js')) ?>?v=<?php p($version) ?>"> </script>
         <script type="text/javascript" nonce="<?php p($nonce) ?>" src="<?php p($urlGenerator->linkTo('files_reader', 'vendor/sindresorhus/screenfull.js')) ?>?v=<?php p($version) ?>"> </script>

This re-enables the base tag (which causes spurious warnings in current Nextcloud but still seems to work in current Owncloud) which in turn enables archive.js to load unrar.js, something which currently fails on your system.

[cdamken]

AWESOME! WORKS! Thanks!

I still get 2 "errors" 404 (Yes, I know there are no errors, but I just call everything that is not 200 like that)

GET /apps/files_reader/vendor/cbrjs/css/img/loading.gif HTTP/1.1
Host: damken.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://damken.cloud/apps/files_reader/vendor/cbrjs/css/cbr.css?v=1.2.3.0048
Cookie: ocuhsyihz2sp=agulo6pgosr0gmatq1nbui1rs1; oc_sessionPassphrase=cz38yD9g7CDw2r1zZnEmXYwgEYsazDGwcgpKId%2B6WF32OmEx7CKyNJY8XemXzqmM9Y52PsgxW%2FwZ5%2FXnXuEuasNxqab17yF7Xj5x75SyezTB6RRO59vJQxB7bGl9I%2Ff%2B
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Sun, 04 Mar 2018 17:00:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Content-Length: 327
Keep-Alive: timeout=200, max=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

POST /apps/files_reader/bookmark/cursor HTTP/1.1
Host: damken.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://damken.cloud/index.php/apps/files_reader/?file=%2Fremote.php%2Fwebdav%2F_Personal%2FLibros%2520y%2520Audiolibros%2F_English%2FSin%2520City%2520Comics%2FSin%2520City%2520(Violent%2520Marv)%2FSin%2520City%2520-%2520Episode%252001.cbr&type=application%2Fx-cbr
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 21
Cookie: ocuhsyihz2sp=agulo6pgosr0gmatq1nbui1rs1; oc_sessionPassphrase=cz38yD9g7CDw2r1zZnEmXYwgEYsazDGwcgpKId%2B6WF32OmEx7CKyNJY8XemXzqmM9Y52PsgxW%2FwZ5%2FXnXuEuasNxqab17yF7Xj5x75SyezTB6RRO59vJQxB7bGl9I%2Ff%2B
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Sun, 04 Mar 2018 17:00:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=15768000
Content-Length: 310
Keep-Alive: timeout=200, max=4
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

And I notice once you go open the book and you go Back with the browser arrow (◀️) you have the image overlapped with the files app:

[cdamken]

The book can be closed by navigating to the book reader bar and then close it.

[Yetangitu]

As said this is a workaround for problems caused by faulty rewrite logic, the real solution would be to get that working. Is there any reason why you don't want 'pretty' urls? Rewrite happens whether you have those or not. Without 'pretty' urls relative links for javascript worker scripts - normally directly loaded resources, i.e. without index.php in the path - can be problematic as scripts fail to load, leading to the problems you experienced since the loading script (initially loaded through the template) considers index.php to be part of the base path. This could be corrected by explicitly setting the base tag in the template but that path is currently cut off in Nextcloud due to a hard-coded CSP directive which sets base-uri to none. This is probably a bug in Nextcloud but it is the way things are at the moment. Both Nextcloud and Owncloud will need to do some work on the CSP settings as both still refer to child-src instead of worker-src, leading to a different set of problems with worker scripts.

Suffice to say that scripts and styles are directly-loaded in all situations, i.e. without index.php in the path. Only php code is accessed through index.php.

[Yetangitu]

And indeed, you should not use the browser back button/key to navigate 'back' to the Files app. Reader is implemented as a plugin to the Files app and needs to be closed by either using its own close button (which you found), by reloading the page (which lands you in the Files app at the directory where you opened Reader) or pressing the Files app button (which lands you in the root directory of the Files app). On a mobile touch device Reader will open in its own window or tab (depending on which browser you use) in which case you can just close that window/tab.

[Yetangitu]

BTW, those 404 messages seem to arise from the use of a wrong domain name:

Referer: https://damken.cloud/index.php...

Where did .com go?

[cdamken]

I prefer to use the default index.php because that is the default ownCloud configuration. I use this server to test real ownCloud problems. Let me talk with some oC developers which advantages or disadvantages I could have if you choose to change the 'pretty' URLs configuration.

About the CSP, I will come to you later.

I remember the first time I installed the reader app (1.2.1) opened a new window after I upgraded to 1.2.2 was an issue that oC did not work fine, you helped me to fix it and in 1.2.3 was ok, but no new windows anymore. Well, that is not so important now.

I have 2 valid domains: cloud.damken.com and damken.cloud (without com) The 404 happens in cloud.damken.com too.

[aegisgfx]

Hey love your app, getting rid of the index.php worked for me as well. One question, can it be made compatible with CBR and CBZ files that use the WEBP format instead of JPG? There is a really great compressor I have used on most of my files that makes the CBZ/R file like 60% smaller, but the new files are WEBP on the inside. Just wondering if that would be hard/impossible?

[cdamken]

Hey love your app, getting rid of the index.php worked for me as well

I didn't remove the index.php, I patched using https://github.com/Yetangitu/owncloud-apps/issues/85#issuecomment-370235062

Talking with some engineers, the .htaccess is normally read-only, that's why after upgrading/installing you can't get rid of the index.php. In theory should not be any difference, as default should the code follow the path, in this case with urlGenerator.

about the Compressed CBR, IMO looks like a good idea, but it will be better to create a separate issue as a feature request, that way it's better to track it. Am a right @Yetangitu ?

[alessio-zamparelli]

not solved for me, using https://github.com/Yetangitu/owncloud-apps/issues/85#issuecomment-370235062

[Slevin7]

I change the cbrreader.php after that the cbreader seens to load an cbr comic. but not more.

did i miss anything?

[Ryonez]

This problem is still present:

I've been working on the proxy for a while now, I'm not sure the issue is there.

[BodoWitcha]

Same problem as reported by Ryonez. Nextcloud v13.0.5 with Apache, MariaDB using the Ubuntu download

[BodoWitcha]

After applying the commands:

sudo -u www-data php occ config:system:set --type boolean --value true htaccess.IgnoreFrontController
sudo -u www-data php occ maintenance:update:htaccess
systemctl restart apache2

The issue was resolved.

[Ryonez]

@BodoWitcha

Would you mind explaining what the commands are doing? As far as I know, htaccess has nothing to do with mime types.

[BodoWitcha]

@Ryonez Ref in this post: Yetangitu commented on 4 Mar explains a possible solution.

You can force it to not use 'pretty urls' in Apache (which seems to be what you're using) by setting the system value htaccess.IgnoreFrontController to true, either by editing config.php by hand or by issuing the following command:

[Ryonez]

@BodoWitcha

I'm not seeing a reff link in your reply.

[BodoWitcha]

https://github.com/Yetangitu/owncloud-apps/issues/85#issuecomment-370188730

I hope that this URL points to the referenced comment

[Ryonez]

Yup, that linked. Interesting, I'll look at it when I get up later.

I'm just a little wary of editing core files like this, so gonna look at what exactly the commands are doing to the url first.

Nice find though, will let you know what I find.

[BodoWitcha]

@Yetangitu The issue as reported is resolved as a workaroud. However my preference is this use pretty url's. Should the remarks in your https://github.com/Yetangitu/owncloud-apps/issues/85#issuecomment-370188730 not be created as a new problem?