elastic / kibana

Your window into the Elastic Stack
https://www.elastic.co/products/kibana

Failed to load resource: the server responded with a status of 403 (Forbidden) - error seen in the server logs while printing the PDF reports #101347

Closed rashmivkulkarni closed 3 years ago

rashmivkulkarni commented 3 years ago

Kibana version: 8.0 snapshot

Steps:

1) Running default distribution
2) No security enabled
3) Installed e-commerce sample data
4) Go to the dashboard and print the PDF report. [eCommerce] Revenue Dashboard

Errors caught in server logs

{"type":"log","@timestamp":"2021-06-03T22:13:15+00:00","tags":["error","plugins","reporting","runTask","printablePdf","printable_pdf","execute-job","kphgg6bp02rz8f5fe55c7rkb","browser-driver","headless-browser-console"],"pid":3599,"message":"Refused to execute inline script because it violates the following Content Security Policy directive: \"script-src 'unsafe-eval' 'self'\". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.\n"}

{"type":"log","@timestamp":"2021-06-03T22:13:18+00:00","tags":["error","plugins","reporting","runTask","printablePdf","printable_pdf","execute-job","kphgg6bp02rz8f5fe55c7rkb","browser-driver","headless-browser-console"],"pid":3599,"message":"Failed to load resource: the server responded with a status of 403 (Forbidden)"}

First error is expected as it is coming from the headless browser that is opening the dashboard. But the second error is what is not expected as we do not have security enabled.

Tried with a new dashboard with any visualization; it hits the above 403 error. But the PDF gets generated successfully.

Tried printing a new visualization - causes the same 403 error. Tried export from Discover - CSV reports - didn't cause the 403 error.

Note: trying to get to a point where we fail tests if there are unexpected errors in the logs.

elasticmachine commented 3 years ago

Pinging @elastic/kibana-reporting-services (Team:Reporting Services)

LeeDr commented 3 years ago

When security is enabled, we only get the first expected CSP error. We don't get the 403.

tsullivan commented 3 years ago

> First error is expected as it is coming from the headless browser that is opening the dashboard.

None of the errors are coming from the headless browser, or from the Reporting plugin. The Reporting plugin is the messenger for errors that are logged on the page. The browser is headless, so there would be no other way for the user to ever see those errors.

The root cause is due to plugins on the page. I'm removing the Reporting labels from this issue.

tsullivan commented 3 years ago

I just realized there is a reporting bug here, since the error message doesn't show the location of what is logging that error.

https://pptr.dev/#?product=Puppeteer&version=v8.0.0&show=api-consolemessagelocation

tsullivan commented 3 years ago

@rashmivkulkarni do you have this message in your logs: Chromium received a non-OK response (403)? If so, does that log line show the URL that causes the 403 error?

rashmivkulkarni commented 3 years ago

Yes, I hit the error and have linked it in the original issue. Closing this one. https://github.com/elastic/kibana/issues/100285#issuecomment-854985857
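
The goal noted in the report, failing tests when unexpected errors appear in the logs, can be sketched as a log triage step. This is an added example, not part of the thread or Kibana's own code; it assumes JSON-per-line server logs shaped like the two lines quoted above, and the allowlist of expected messages, the function names and the sample lines are constructed for illustration.

```javascript
// Added example, not Kibana code. Assumes JSON-per-line logs shaped like the
// two lines quoted in this issue.

// Console errors treated as expected. This allowlist is an assumption.
const EXPECTED_PATTERNS = [
  /^Refused to execute inline script because it violates the following Content Security Policy directive/,
];

// In the quoted lines the job id is the tag right after "execute-job".
function jobIdFromTags(tags) {
  const i = tags.indexOf('execute-job');
  return i >= 0 && i + 1 < tags.length ? tags[i + 1] : null;
}

function triageReportingLogs(lines, expected = EXPECTED_PATTERNS) {
  const result = { expected: [], unexpected: [], malformed: 0 };
  for (const line of lines) {
    if (!line.trim()) continue;
    let entry;
    try {
      entry = JSON.parse(line);
    } catch {
      result.malformed += 1; // count non-JSON lines instead of dropping them
      continue;
    }
    const tags = entry && Array.isArray(entry.tags) ? entry.tags : [];
    // Only errors relayed from the headless browser's console are triaged.
    if (!tags.includes('error') || !tags.includes('headless-browser-console')) continue;
    const message = String(entry.message ?? '').trim();
    const record = { jobId: jobIdFromTags(tags), timestamp: entry['@timestamp'], message };
    const known = expected.some((re) => re.test(message));
    result[known ? 'expected' : 'unexpected'].push(record);
  }
  return result;
}

// Constructed sample input, modelled on the log lines in the issue.
const TAGS = ['error', 'plugins', 'reporting', 'runTask', 'printablePdf', 'printable_pdf',
  'execute-job', 'kphgg6bp02rz8f5fe55c7rkb', 'browser-driver', 'headless-browser-console'];
const SAMPLE_LOG = [
  JSON.stringify({ type: 'log', '@timestamp': '2021-06-03T22:13:15+00:00', tags: TAGS, pid: 3599,
    message: 'Refused to execute inline script because it violates the following Content Security Policy directive: "script-src \'unsafe-eval\' \'self\'".\n' }),
  JSON.stringify({ type: 'log', '@timestamp': '2021-06-03T22:13:18+00:00', tags: TAGS, pid: 3599,
    message: 'Failed to load resource: the server responded with a status of 403 (Forbidden)' }),
  'constructed non-JSON line',
  JSON.stringify({ type: 'log', tags: ['info', 'plugins', 'reporting'], message: 'constructed info line' }),
];

const report = triageReportingLogs(SAMPLE_LOG);
console.log(JSON.stringify(report, null, 2));
// A test gate would fail the run when report.unexpected is non-empty.
```

Keeping the allowlist anchored to the exact CSP refusal message means a new console error, such as the 403 here, lands in `unexpected` instead of being masked by a broad pattern.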