Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix manifest.json sending HTTP-Status 403 #19251

Closed
Daijobou opened this issue May 21, 2022 · 7 comments · Fixed by #19257
Closed

Fix manifest.json sending HTTP-Status 403 #19251

Daijobou opened this issue May 21, 2022 · 7 comments · Fixed by #19257
Assignees
@sgiehl
Labels
not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. Regression Indicates a feature used to work in a certain way but it no longer does even though it should.
Milestone
4.10.1

Comments

@Daijobou
Copy link

Daijobou commented May 21, 2022
edited

Since the update to version 4.10 I get banned from my own server. The reason is that Fail2ban checks the access_logs for HTTP status 403 and bans the corresponding IPs. In my case Matomo causes these 403 messages in access_log. In the html source code I found this line in Matomo:

<link rel="manifest" href="plugins/CoreHome/javascripts/manifest.json" crossorigin="use-credentials">

In Browser I get for this

Forbidden
You don't have permission to access this resource.

Apparently the browser has no access to the path. This was not a problem in the previous version of Matomo.
I the same folder is this file plugins/CoreHome/javascripts/noreferrer.js and here I can access this file without 403.

So I take a look and found plugins/htaccess and here is json for "safe static files" missing:

# Allow to serve static files which are safe
<Files ~ "\.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2)$">

SOLUTION: After add "json" here, the issue is gone and manifest.json send HTTP Status 200.

EDIT:
Why you have here "mp3|mp4|wav|ogg|avi", in which cases you use this types of media-files here in matomo?
Its make more sense to add image type "webp" here, if you want to use the modern image format instead of "jpg" in the future. :)
@Daijobou Daijobou added the Potential Bug Something that might be a bug, but needs validation and confirmation it can be reproduced. label May 21, 2022
@peterhashair
Copy link
Contributor

@Daijobou thanks for providing the info, our product team view review this as soon as we can.

hints: ServerFilesGenerator.php probably here needs an update as the issue requested.

@peterhashair peterhashair added the Needs priority decision This issue may need to be added to the current milestone by Product Manager label May 23, 2022
@sgiehl
Copy link
Member

sgiehl commented May 23, 2022

this is most likely a regression from #19051

@sgiehl sgiehl added Regression Indicates a feature used to work in a certain way but it no longer does even though it should. and removed Potential Bug Something that might be a bug, but needs validation and confirmation it can be reproduced. labels May 23, 2022
@justinvelluppillai justinvelluppillai removed the Needs priority decision This issue may need to be added to the current milestone by Product Manager label May 23, 2022
@justinvelluppillai justinvelluppillai added this to the 4.10.1 milestone May 23, 2022
@justinvelluppillai
Copy link
Contributor

@sgiehl are you happy to revert #19051 to fix this?

@sgiehl
Copy link
Member

sgiehl commented May 24, 2022

@justinvelluppillai Reverting might not be the best choice. I'll prepare a PR to fix that another way

@sgiehl sgiehl self-assigned this May 24, 2022
@sgiehl sgiehl mentioned this issue May 24, 2022
Merged
11 tasks
@sgiehl sgiehl linked a pull request May 24, 2022 that will close this issue
Allow to serve manifest.json file #19257
Merged
11 tasks
@justinvelluppillai justinvelluppillai changed the title manifest.json send HTTP-Status 403 (v4.10) Fix manifest.json sending HTTP-Status 403 May 25, 2022
@MatomoForumNotifications
Copy link

This issue has been mentioned on Matomo forums. There might be relevant details there:

https://forum.matomo.org/t/error-403-manifest-json/46196/4

@justinvelluppillai justinvelluppillai added the not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. label Jul 8, 2022
@uschindler
Copy link

uschindler commented Nov 29, 2023
edited

This also affects the example NGINX config @ https://github.com/matomo-org/matomo-nginx. I fixed it locally, I just wanted to mention this. Should I open issue?

@uschindler
Copy link

The bigger question is: why is the manifest.json file loaded by the UI at all?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sgiehl sgiehl

Labels
not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. Regression Indicates a feature used to work in a certain way but it no longer does even though it should.
Projects
None yet
Milestone
4.10.1
Development

Successfully merging a pull request may close this issue.

Allow to serve manifest.json file matomo-org/matomo
6 participants
@Daijobou @uschindler @justinvelluppillai @sgiehl @peterhashair @MatomoForumNotifications