Open TyzzyT opened 1 week ago
Hey there @home-assistant/core, mind taking a look at this issue as it has been labeled with an integration (http
) you are listed as a code owner for? Thanks!
(message by CodeOwnersMention)
http documentation http source (message by IssueLinks)
Can you please enable debug logs for http
intgeration, set the strict_connection
option to guard_page
to get any feedback. Do you see the guard_page, when accessing from the local IP address?
Strict connection should not return a status code on drop_connection
I set strict_connection to guard_page. When I go to an add-on via the local IP, I still receive the 401: Unauthorized
error
In home-assistant.log there is this when I get the http 401 error.
2024-04-26 16:50:48.430 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 172.30.32.2 for /api/core/state using bearer token
2024-04-26 16:50:48.434 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 172.30.32.2 for /api/services using bearer token
2024-04-26 16:50:48.448 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 172.30.32.2 for /api/core/state using bearer token
2024-04-26 16:50:48.453 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 172.30.32.2 for /api/events using bearer token
2024-04-26 16:50:48.460 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 172.30.32.2 for /api/core/state using bearer token
2024-04-26 16:50:48.467 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 172.30.32.2 for /api/states using bearer token
Please post all logs as the above one only tell me that everything is working correctly. If strict connection is blocking your request, there should be another log entry
The logs are showing some sensitive information, like automation title will tell the world what I've automated and what not. Can you please tell me what line you're looking for so I can search through the logs for you?
If strict connection blocked the request you see
[homeassistant.components.http.auth] Perform strict connection action for X
Can you please share which addon has the issue? I cannot reproduce it
All add-ons are having this issue: File editor, Frigate, InfluxDB, Terminal, Google Drive backup.
No errors in the log saying
[homeassistant.components.http.auth] Perform strict connection action for X
The problem
I have the NGINX reverse proxy add-on setup and I set
strict_connection: drop_connection
When going to the public URL (https://subdomain.mydomainname.com:8124/) the File editor, InfluxDB or Frigate add-on is working, but when going to the local url (https://192.168.2.250:8124/) the add-ons are not working and showing 401: Unauthorized.I believe this is a bug, because I'm coming from a local IP and my browser session is authenticated because the regular frontend of HA is working.
What version of Home Assistant Core has the issue?
2024.5.0b0
What was the last working version of Home Assistant Core?
never
What type of installation are you running?
Home Assistant OS
Integration causing the issue
http
Link to integration documentation on our website
https://rc.home-assistant.io/integrations/http/#strict-connection-mode
Diagnostics information
No response
Example YAML snippet
Anything in the logs that might be useful for us?
No response
Additional information
No response