New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix manifest.json sending HTTP-Status 403 #19251
Comments
@Daijobou thanks for providing the info, our product team view review this as soon as we can. hints: |
this is most likely a regression from #19051 |
@justinvelluppillai Reverting might not be the best choice. I'll prepare a PR to fix that another way |
This issue has been mentioned on Matomo forums. There might be relevant details there: |
This also affects the example NGINX config @ https://github.com/matomo-org/matomo-nginx. I fixed it locally, I just wanted to mention this. Should I open issue? |
The bigger question is: why is the manifest.json file loaded by the UI at all? |
Since the update to version 4.10 I get banned from my own server. The reason is that Fail2ban checks the access_logs for HTTP status 403 and bans the corresponding IPs. In my case Matomo causes these 403 messages in access_log. In the html source code I found this line in Matomo:
<link rel="manifest" href="plugins/CoreHome/javascripts/manifest.json" crossorigin="use-credentials">
In Browser I get for this
Apparently the browser has no access to the path. This was not a problem in the previous version of Matomo.
I the same folder is this file
plugins/CoreHome/javascripts/noreferrer.js
and here I can access this file without 403.So I take a look and found
plugins/htaccess
and here is json for "safe static files" missing:SOLUTION: After add "json" here, the issue is gone and manifest.json send HTTP Status 200.
EDIT:
Why you have here "mp3|mp4|wav|ogg|avi", in which cases you use this types of media-files here in matomo?
Its make more sense to add image type "webp" here, if you want to use the modern image format instead of "jpg" in the future. :)
The text was updated successfully, but these errors were encountered: