hackmdio / codimd

CodiMD - Realtime collaborative markdown notes on all platforms.
https://hackmd.io/c/codimd-documentation
GNU Affero General Public License v3.0

Internal server error when access a pad before auth #1768

Open Nachtlichtermeer opened 2 years ago

Nachtlichtermeer commented 2 years ago

When I try to access a pad through a link from a mail, I get a clean white page with 'internal server error'. After manually accessing the start page and logging in, the link works.

I think there is a connection to our settings, because no pad is anonymously accessible.

Expected behavior: rewrite to the start page for login and then rewrite back to the original pad URL.

used version: 2.4.1 with docker

settings:

      CMD_DB_URL: postgres://...
      CMD_SESSION_SECRET: ${SECRET}
      CMD_IMAGE_UPLOAD_TYPE: filesystem
      CMD_ALLOW_FREEURL: 'false'
      CMD_ALLOW_ANONYMOUS: 'false'
      CMD_ALLOW_ANONYMOUS_EDITS: 'false'
      CMD_ALLOW_ANONYMOUS_VIEWS: 'false'
      CMD_EMAIL: 'false'
      CMD_LDAP_URL: ${LDAP_URL}
      CMD_LDAP_BINDDN: ${LDAP_BINDDN}
      CMD_LDAP_BINDCREDENTIALS: ${LDAP_BINDCREDENTIALS}
      CMD_LDAP_SEARCHBASE: ${LDAP_SEARCHBASE}
      CMD_LDAP_SEARCHFILTER: ${LDAP_SEARCHFILTER}
      CMD_LDAP_USERIDFIELD: uid
      CMD_DEFAULT_PERMISSION: limited
      CMD_USECDN: 'false'
      CMD_PLANTUML_SERVER: ...

jackycute commented 1 year ago

Hi @Nachtlichtermeer, thanks for reporting to us. Perhaps your email client alters the note URL you are clicking? I'm not sure if I understand your issue properly. Could you take a look at which URL showed the error?

Nachtlichtermeer commented 1 year ago

The problem has nothing to do with mail.

If I start my browser and open https://codimd.foo.bar/fUsXnPc-ReOwVte-g3UxOQ, then I get this error. When I open https://codimd.foo.bar, log in, and then open https://codimd.foo.bar/fUsXnPc-ReOwVte-g3UxOQ, I can see the pad as expected.

Sieboldianus commented 7 months ago

I have the same error. It applies to documents that are set to limited. Without login, I receive the Internal Server Error White page. When logging in, I can access the page.

I would expect a page that tells me I need to log in to see the document. Is the Internal Server Error a deliberate feature for non-authenticated users trying to access a limited document?

The backend logs this access as follows:

docker-codimd-1    | TypeError [ERR_INVALID_URL]: Invalid URL
docker-codimd-1    |     at new NodeError (node:internal/errors:387:5)
docker-codimd-1    |     at URL.onParseError (node:internal/url:565:9)
docker-codimd-1    |     at new URL (node:internal/url:641:5)
docker-codimd-1    |     at new URL (node:internal/url:638:22)
docker-codimd-1    |     at errorForbidden (/home/hackmd/app/lib/response.js:35:19)
docker-codimd-1    |     at showNote (/home/hackmd/app/lib/note/index.js:71:12)

Sieboldianus commented 7 months ago

It was a configuration error on my side: I run CodiMD behind an nginx reverse proxy, which does the SSL termination.

I had set the docker-compose.yml without CMD_DOMAIN (because with it, I would get SSL errors). I was missing CMD_PROTOCOL_USESSL=true and CMD_URL_ADDPORT=false, which both were somewhat unintentional.

      - CMD_PROTOCOL_USESSL=true
      - CMD_DOMAIN=hackmd.example.com
      - CMD_URL_ADDPORT=false
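Added example (not CodiMD's code and not written by anyone in this thread): a Node.js illustration of why a missing `CMD_DOMAIN` turns the "please log in" redirect for a limited pad into a 500, and how a login redirect can degrade to a relative URL instead. `buildServerURL` and `loginRedirect` are hypothetical helpers; that the redirect is built with `new URL` from the configured server URL is an assumption based on the stack trace above.

```javascript
// Added illustration, not CodiMD source. buildServerURL and loginRedirect are
// hypothetical names; the options mirror the CMD_* settings from the thread.

// Assemble an absolute base URL from domain / SSL / port settings (assumed logic).
function buildServerURL ({ domain = '', useSSL = false, addPort = false, port = 3000 } = {}) {
  if (!domain) return '' // no CMD_DOMAIN: there is nothing absolute to build from
  const scheme = useSSL ? 'https' : 'http'
  return `${scheme}://${domain}${addPort ? ':' + port : ''}`
}

// Build the login redirect for an unauthenticated request to a limited pad.
// new URL('', base) throws "Invalid URL" when base is empty or relative, which
// matches the exception in the log. Catching it and answering with a relative
// redirect gives the visitor a login page instead of an internal server error.
function loginRedirect (serverURL, originalUrl) {
  // Defensive choice: only same-site paths are accepted as the post-login
  // target; anything else falls back to the start page.
  const next = /^\/(?![/\\])/.test(originalUrl) ? originalUrl : '/'
  const query = new URLSearchParams({ next }).toString()
  try {
    const target = new URL('', serverURL)
    target.search = query
    return target.toString()
  } catch (err) {
    if (!(err instanceof TypeError)) throw err
    return '/?' + query
  }
}

// Constructed sample configs: domain left unset vs. the corrected settings.
const broken = buildServerURL({ useSSL: false })
const fixed = buildServerURL({ domain: 'hackmd.example.com', useSSL: true, addPort: false })
console.log(loginRedirect(broken, '/fUsXnPc-ReOwVte-g3UxOQ')) // relative fallback
console.log(loginRedirect(fixed, '/fUsXnPc-ReOwVte-g3UxOQ')) // absolute https URL
```

Behind a TLS-terminating proxy, the settings in the comment above are what make the absolute form come out as `https://` without a port suffix.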