Open Kharonus opened 1 year ago
Ahoi @julien-nc ,
as decided in last Jour Fixes I assembled a full scale bug report with all the information I gather around the direct download bug.
Hi, please update to 25.0.7 or better 26.0.2 and report back if it fixes the issue. Thank you!
My goal is to add a label like e.g. 26-feedback to this ticket of an up-to-date major Nextcloud version where the bug could be reproduced. However this is not going to work without your help. So thanks for all your effort!
If you don't manage to reproduce the issue in time and the issue gets closed but you can reproduce the issue afterwards, feel free to create a new bug report with up-to-date information by following this link: https://github.com/nextcloud/server/issues/new?assignees=&labels=bug%2C0.+Needs+triage&template=BUG_REPORT.yml&title=%5BBug%5D%3A+
Ahoi @szaimen,
thanks for you efforts.
I updated my NC testing instance to 26.0.1 and executed the above mentioned reproducing steps, and the problem still persist. You mentioned, that you were not able to reproduce it. Would a video help explaining the steps more detailed?
⚠️ This issue respects the following points: ⚠️
Bug description
The direct download link, returned by this API request, does not work if embedded into any other website.
Steps to reproduce
POST /ocs/v2.php/apps/dav/api/v1/direct
.Expected behavior
The download behaviour should happen everytime I click the link.
Installation method
Community Docker image
Operating system
Debian/Ubuntu
PHP engine version
PHP 8.0
Web server
Apache (supported)
Database engine version
MySQL
Is this bug present after an update or on a fresh install?
Fresh Nextcloud Server install
Are you using the Nextcloud Server Encryption module?
No response
What user-backends are you using?
Configuration report
List of activated Apps
Nextcloud Signing status
Nextcloud Logs
Additional info
The request done by clicking the
<a>
tag with the target reference returns a 503. It does not happen, if executed in a browser without any cookies set for the nextcloud host. Yet, executing it once opens the NC domain, and doing so sets cookies. Hence, doing it twice, even in a "fresh" browser leads to the same error behaviour.For example purposes I used a simple HTML like: