search

YunoHost-Apps / wikijs_ynh

Modern and powerful wiki app package for YunoHost
https://wiki.js.org/
GNU Affero General Public License v3.0
18 stars 4 forks source link

Unable to upload file error 403 with administrator user #178

Closed Serizao closed 1 year ago

Serizao commented 2 years ago

Hello,

Firstly thanks to this adaptation it isnice :) . On fresh Install of Yunohost ( 4.3.6.3 ) i have installed Wikijs and i'm not able to upload any file. I have all the time a 403 response code.

I think the probleme comme from the reverse proxy because i have try to navigate and uplaod directly (localhost) and it work.

I have observed that the header Authorization was overwrite by the yunohost configuration with basique auth and so the JWT token wasn't serve to Wikijs. This comportemment explain why i have a forbidden access. I asking if the authentication is on the JWT why i have acces to other part of Wikijs.

I think the probleme is here but i have no idea how to resolve it. wiki js received :

POST /u HTTP/1.1
Host:  [REDACTED]
X-Real-IP: 192.168.10.254
Connection: upgrade
Content-Length: 1292
pragma: no-cache
cache-control: no-cache
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Google Chrome";v="100"
authorization: Basic  [REDACTED : Base64 of yunohost credential here]
content-type: multipart/form-data; boundary=----WebKitFormBoundaryYi7JAB4Ax4exO0rF
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.88 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin:  [REDACTED]
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer:  [REDACTED]
accept-language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7
cookie:  [REDACTED]
Remote-User:  [REDACTED]
Email:  [REDACTED]
Name:  [REDACTED]
Auth-User: [REDACTED]

------WebKitFormBoundaryYi7JAB4Ax4exO0rF
Content-Disposition: form-data; name="mediaUpload"

{"folderId":0}
------WebKitFormBoundaryYi7JAB4Ax4exO0rF
Content-Disposition: form-data; name="mediaUpload"; filename="test.jpeg"
Content-Type: image/jpeg

[FILE_CONTENT]
------WebKitFormBoundaryYi7JAB4Ax4exO0rF--
Serizao commented 2 years ago

It was resolved change configuration of ssowat : I have change the value of auth_header in /etc/ssowat/conf.json on the domain which host the wikijs i chnage the value True to False image

yalh76 commented 2 years ago

we should do a PR to solve that