flatpak / flatpak.github.io

Flatpak website

"Get set up" button incorrectly redirecting #544

Closed pyratebeard closed 2 years ago

pyratebeard commented 2 years ago

Clicking the "Get set up" button on the flatpak.org homepage is redirecting to flatpak.org:8080/setup instead of flatpak.org/setup.

razzeee commented 2 years ago

Can't reproduce, can you be more specific? And make sure you don't have an old cached version.

xvitaly commented 2 years ago

Also https://flatpak.org/setup redirects to http://flatpak.org:8080/setup with no encryption:

$ curl -s -v -X HEAD https://flatpak.org/setup
*   Trying 8.43.85.3:443...
* Connected to flatpak.org (8.43.85.3) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
*  CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=flatpak.org
*  start date: Jun  9 06:49:44 2022 GMT
*  expire date: Sep  7 06:49:43 2022 GMT
*  subjectAltName: host "flatpak.org" matched cert's "flatpak.org"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55af1afabe00)
> HEAD /setup HTTP/2
> Host: flatpak.org
> user-agent: curl/7.79.1
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/2 301
< server: nginx/1.22.0
< date: Fri, 10 Jun 2022 14:12:06 GMT
< content-type: text/html
< content-length: 169
< location: http://flatpak.org:8080/setup/
< set-cookie: cf6607f217959fc7bf591a2ee7cb0a84=7d6a1a4b7c8370a63fd537c078dbb615; path=/; HttpOnly; Secure; SameSite=None
< cache-control: private
<
* transfer closed with 169 bytes remaining to read
* stopped the pause stream!
* Connection #0 to host flatpak.org left intact
pyratebeard commented 2 years ago

[Image: 20220610-flatpak_setup_301]

I have tried on multiple browsers/systems

nanonyme commented 2 years ago

@razzeee looks like the server is probably incorrectly configured, so it is writing all redirects to http://flatpak.org:8080 instead of the correct https://flatpak.org. https://flatpak.org/setup is not the canonical address, so it results in a redirect. https://flatpak.org/setup/ is the correct address.

nanonyme commented 2 years ago

It needs to be fixed so that the server knows what its correct address is, so redirects work as expected as well.

razzeee commented 2 years ago

I thought you meant Get set up in the footer, which works.

The difference between those links seems to be the trailing slash, so it's probably the nginx rule for that.

https://flatpak.org/setup
https://flatpak.org/setup/

Above are two different links; GitHub omits the trailing slash, you can still click them.

nanonyme commented 2 years ago

Well, the server config is clearly broken for redirects. Who can fix it? The former does an HTTP redirect to the latter, and it would work if the server didn't use the wrong redirection target.

razzeee commented 2 years ago

I suspect only @barthalion

nanonyme commented 2 years ago

The thing is, if you click the thing with the trailing slash omitted, the end result is a connection error to the wrong URL.

barthalion commented 2 years ago

Fixed with https://github.com/flatpak/flatpak.github.io/commit/7ec90df0a4f3aa6eb4d9296a9aee952c20ae0aa8.

[bpiotrowski@risuku ~]$ curl -I https://flatpak.org/setup
HTTP/2 301 
server: nginx/1.22.0
date: Fri, 10 Jun 2022 17:17:21 GMT
content-type: text/html
content-length: 169
location: /setup/
set-cookie: cf6607f217959fc7bf591a2ee7cb0a84=341c9c727eb799a4e73d32e47f32f2ed; path=/; HttpOnly; Secure; SameSite=None
cache-control: private

[bpiotrowski@risuku ~]$ curl -I https://flatpak.org/setup/
HTTP/2 200 
server: nginx/1.22.0
date: Fri, 10 Jun 2022 17:17:23 GMT
content-type: text/html
content-length: 16888
last-modified: Wed, 08 Jun 2022 12:37:01 GMT
vary: Accept-Encoding
etag: "62a097ed-41f8"
accept-ranges: bytes
set-cookie: cf6607f217959fc7bf591a2ee7cb0a84=341c9c727eb799a4e73d32e47f32f2ed; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
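
A regression check for the redirect behaviour shown in this thread, added here as an example; it is not part of the thread or of the project's code. It resolves the `Location` header against the requested URL and flags an HTTPS-to-HTTP downgrade or an unexpected port; the function names and finding labels are assumptions, and the two header blocks are transcribed from the curl output above with the cookie line left out.

```python
from urllib.parse import urljoin, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Header blocks transcribed from the thread (cookie line omitted).
BEFORE_FIX = """HTTP/2 301
server: nginx/1.22.0
content-type: text/html
location: http://flatpak.org:8080/setup/
cache-control: private"""

AFTER_FIX = """HTTP/2 301
server: nginx/1.22.0
content-type: text/html
location: /setup/
cache-control: private"""

def origin(url):
    """Return (scheme, host, effective port) for an absolute URL."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    port = parts.port or DEFAULT_PORTS.get(scheme)
    return scheme, (parts.hostname or "").lower(), port

def parse_location(raw_headers):
    """Return the Location header value from a raw header block, or None."""
    for line in raw_headers.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "location":
            return value.strip()
    return None

def audit_redirect(request_url, raw_headers):
    """Resolve Location against the request URL and list what is wrong with it."""
    location = parse_location(raw_headers)
    if location is None:
        return None, []
    target = urljoin(request_url, location)  # relative Location keeps scheme and host
    req_scheme, req_host, req_port = origin(request_url)
    tgt_scheme, tgt_host, tgt_port = origin(target)
    findings = []
    if req_scheme == "https" and tgt_scheme != "https":
        findings.append("scheme-downgrade")
    if tgt_host != req_host:
        findings.append("host-change")
    # A port that is neither the scheme default nor the one the client used
    # usually means the backend's listen port leaked through a proxy.
    if tgt_port != DEFAULT_PORTS.get(tgt_scheme) and tgt_port != req_port:
        findings.append("non-default-port")
    return target, findings
```

Run against live responses, the same function can sit in a deployment smoke test so that a redirect pointing at plain HTTP or at a backend port fails the check before users see it.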