Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTP 302 and "data folder is accessible" #1832

Open
ghost opened this issue Feb 2, 2019 · 2 comments
Open

HTTP 302 and "data folder is accessible" #1832

ghost opened this issue Feb 2, 2019 · 2 comments

Comments

@ghost
Copy link

ghost commented Feb 2, 2019

RainLoop version, browser, OS:
CentOS, nginx

Expected behavior and actual behavior:
It should not show notice message if after denied data directory it redirects user with 302 to web site itself.

Steps to reproduce the problem:
Change config files in nginx from:

location ^~ /data {
    deny all;
  }

to

location ^~ /data {
    deny all;
    return 302 /;
  }

Logs or screenshots:
image
@bfbones
Copy link

bfbones commented Sep 10, 2019

This is a big problem in nextcloud installations with the default nginx configuration, as the nextcloud always redirects to the default app page when accessing the link, but

rainloop-webmail/dev/Stores/Admin/App.js

Line 30 in 19d3b55

$.get('./data/VERSION?' + window.Math.random()).then(() => this.dataFolderAccess(true));

follows 302 redirects and accepts the following 200. This should be checked more precisely and/or redirect following should be removed in that feature.

@kesselb
Copy link
Contributor

kesselb commented Apr 4, 2020

https://github.com/pierre-alain-b/rainloop-nextcloud would be the right place to post this. Probably there is already a report.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kesselb @bfbones