Apache configuration of 'Header set Referrer-Policy "no-referrer"' causes Matomo login to fail #15083

I can't login anymore after upgrading matomo from 3.9 to 3.12.
I did db upgrade and get stuck outside the app.
Tested with Firefox 70 and Brave 0.70 based on chromium 78

Here error message I get

I tried to reset my password following this page https://matomo.org/faq/how-to/faq_191/ but I still get the same error.

I'm using same computer, same browser than yesterday, no proxy....

thanks for your help.

hum, finally I got it work on Microsoft Edge but I still get the error on Firefox and Brave.

Hello,

Do you have any Adblocker ? It could be a reason.

Regards,

Hello @JugurthaK ,
I don't have adblocker on Brave, I disable brave shield but I still have the problem.
I tried on Firefox after I disable uBlock Origin and built in Firefox shield and still have the problem.

Strange it work on Microsoft Edge.

Thanks for your help.

Same issue here. My Firefox 70.0.1 (64-bit), sends Origin: nullto Matomo, which results in this error. That also happens to me on a plain FF installation.

There are no problems with Safari or TorBrowser, they send Origin: https://analytics.foobar.org properly.

AFAIK some users had issues updating to 3.10 or so. Maybe clearing all cookies helps? Does it work in incognito mode?

I wonder why not more users are experiencing this issue on Firefox or so. Any thoughts? @Findus23 @mattab ?

Yeah it seems to be like an odd behavior. I would also suspect plugins. I also had this issue before upgrading to 3.12, so it does not has to be introduced in the current release.

Deleting all cookies did not help.
Incognito mode with plugins enabled does not work.
Starting Firefox without Plugins does not help.

I can reproduce the problem. If you set in your Apache configuration the following header Header set Referrer-Policy "no-referrer"then you are not able to login with a cache cleared FF (all plugins enabled),

@xshadow would apache always overwrite that header? Or would apache keep a header that we set in Matomo (cause I think we do set a referrer-policy AFAIK)

As far as I understand the docs "your" header will be overwritten:

set
The response header is set, replacing any previous header with this name.

Is there anything we could do about this, maybe detect this problem and mention it in the red error message like We detected your web server returned a HTTP header "Referrer-Policy" with the value "no-referrer", which is not compatible with Matomo. Please change your webserver configuration to not set this header "Referrer-Policy"