Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ERR_HTTP2_PROTOCOL_ERROR with chrome #11

Closed
arthurlutz opened this issue Jan 8, 2020 · 6 comments · Fixed by #14
Closed

ERR_HTTP2_PROTOCOL_ERROR with chrome #11

arthurlutz opened this issue Jan 8, 2020 · 6 comments · Fixed by #14

Comments

@arthurlutz
Copy link

Deploying a SPIP site with yunohost works great! But when trying to reach the site with chromium or chrome we get :

This site can’t be reachedThe webpage at https://www.soundsmag.org/ might be temporarily down or it may have moved permanently to a new web address.
ERR_HTTP2_PROTOCOL_ERROR

Example : https://www.soundsmag.org/
@arthurlutz
Copy link
Author

Commenting the set_headers :

	# Add headers to serve security related headers
	#more_set_headers Strict-Transport-Security "max-age=15768000;";
	#more_set_headers X-Content-Type-Options nosniff;
	#more_set_headers X-Frame-Options "SAMEORIGIN";
	#more_set_headers X-XSS-Protection "1; mode=block";
	#more_set_headers X-Robots-Tag none;
	#more_set_headers X-Download-Options noopen;
	#more_set_headers X-Permitted-Cross-Domain-Policies none;

Fixes it... although this is probably a better (more secure) solution.

@ashledombos
Copy link

Was it happening with self signed certificate or LE?

@arthurlutz
Copy link
Author

@ashledombos with LE

@ashledombos
Copy link

ashledombos commented Feb 4, 2020
edited

@arthurlutz it's only the line
#more_set_headers X-XSS-Protection "1; mode=block";
which is blocking (which is normal, it's ignored by Firefox)

This line is useless for modern browsers, it only helps to protect older web browers (see here https://code.i-harness.com/en/docs/http/headers/x-xss-protection )

You should be able to uncomment other headers.

ashledombos added a commit to ashledombos/spip_ynh that referenced this issue Feb 4, 2020
@ashledombos
comment header blocking access
b7179c2 
This line prevent access from Chromium and maybe other browsers. See YunoHost-Apps#11
@arthurlutz arthurlutz mentioned this issue Feb 14, 2020
Closed
@DaffyDuke
Copy link

@arthurlutz it's only the line
#more_set_headers X-XSS-Protection "1; mode=block";
which is blocking (which is normal, it's ignored by Firefox)

This line is useless for modern browsers, it only helps to protect older web browers (see here https://code.i-harness.com/en/docs/http/headers/x-xss-protection )

You should be able to uncomment other headers.

exact : approved on my own instance.

@kay0u kay0u mentioned this issue Apr 24, 2020
Merged
@kay0u kay0u closed this as completed in #14 Apr 24, 2020
@kay0u
Copy link
Member

kay0u commented Apr 24, 2020

Hi, this PR should fix this issue.

Thank you for your report!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Testing YunoHost-Apps/spip_ynh
4 participants
@arthurlutz @DaffyDuke @ashledombos @kay0u