Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[INVALID_QUERY] "filter" must be of type object #8892

Closed
3 tasks done
kamilru opened this issue Oct 18, 2021 · 1 comment
Closed
3 tasks done

[INVALID_QUERY] "filter" must be of type object #8892

kamilru opened this issue Oct 18, 2021 · 1 comment

Comments

@kamilru
Copy link

kamilru commented Oct 18, 2021

Preflight Checklist

Describe the Bug

Hello,

In our setup we are using reverse proxy that does url rewriting -- there is already some content serverd on our domain from /, so we decided to server directus content on /api/cms/

Also, our reverse proxy terminates SSL.

Rewrite:
/api/cms/(?.*) -> /${remaining}

In order to achive proper linking to resources, we changed default value of PUBLIC_URL variable
from / to PUBLIC_URL=https://example.com/api/cms/

After that change we observe problems in admin panel.

Example URI: https://example.com/api/cms/items/main_slider?limit=25&fields[]=header_label&fields[]=header_label_inline&fields[]=id&fields[]=status&sort[]=id&page=1&filter=%7B%22status%22:%7B%22_neq%22:%22archived%22%7D%7D&meta[]=filter_count&meta[]=total_count

After checking in logs we find that value of filter attribute differs from one above (taken from browser dev tools)
request completed GET 400 /items/main_slider?limit=25&fields[]=header_label&fields[]=header_label_inline&fields[]=id&fields[]=status&sort[]=id&page=1&filter=%257B%2522status%2522:%257B%2522_neq%2522:%2522archived%2522%257D%257D&meta[]=filter_count&meta[]=total_count

And 400 error response:

{
  "errors": [
    {
      "message": "\"filter\" must be of type object",
      "extensions": {
        "code": "INVALID_QUERY"
      }
    }
  ]
}

image

To Reproduce

  1. Install directus using attached docker-compose.yml
---
version: "3.2"

networks:
  site-overlay-network:
    external: true
secrets:
  DB_PASSWORD:
    file: directus/DB_PASSWORD
  DIRECTUS_ADMIN_PASSWORD:
    file: directus/DIRECTUS_ADMIN_PASSWORD

volumes:
  nfs:


services:
  cache:
    image: redis/redis:6
    networks:
    - ic-net
    ports:
    - 6379:6379
  directus:
    secrets:
    - DB_PASSWORD
    - DIRECTUS_ADMIN_PASSWORD
    environment:
      CORS_ENABLED: "false"
      CACHE_ENABLED: "false"
      CACHE_REDIS: redis://cache:6379
      CACHE_STORE: redis
      DB_CLIENT: pg
      DB_DATABASE: Directus
      DB_HOST: 1.2.3.4
      DB_PASSWORD_FILE: "/run/secrets/DB_PASSWORD"
      DB_PORT: "5432"
      DB_USER: srv-directus
      DIRECTUS_ADMIN_EMAIL: admin@example.com
      DIRECTUS_ADMIN_PASSWORD_FILE: "/run/secrets/DIRECTUS_ADMIN_PASSWORD"
      KEY: 7b536587-d81d-4719-b3f8-7228dadff5de
      PORT: 8055
      SECRET: dceaaf2e-dea0-4383-af6a-8885752ae673
      STORAGE_LOCAL_ROOT: /volumes/directus/uploads
      # PUBLIC_URL: / # this works
      PUBLIC_URL: https://example.com/api/cms/ # that don't
      ROOT_REDIRECT: https://example.com/new/error/404
      LOG_LEVEL: trace
    image: directus/directus:9.0.0-rc.97
    networks:
      site-overlay-network:
        aliases:
        - directus
    ports:
    - 8055:8055
    volumes:
    - nfs:/volumes
  1. Create collection
  2. Access collection using directus admin UI

Errors Shown

GET https://example.com/api/cms/items/main_slider?limit=25&fields[]=header_label&fields[]=header_label_inline&fields[]=id&fields[]=status&sort[]=id&page=1&filter=%7B%22status%22:%7B%22_neq%22:%22archived%22%7D%7D&meta[]=filter_count&meta[]=total_count 400 (Bad Request)

{
  "errors": [
    {
      "message": "\"filter\" must be of type object",
      "extensions": {
        "code": "INVALID_QUERY"
      }
    }
  ]
}

What version of Directus are you using?

9.0.0-rc.97

What version of Node.js are you using?

v16.11.1

What database are you using?

PostgreSQL 10.3 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 4.4.7 20120313 (Red Hat 4.4.7-18), 64-bit

What browser are you using?

Chrome

What operating system are you using?

Linux

How are you deploying Directus?

Docker stack deploy
@azrikahar
Copy link
Contributor

azrikahar commented Oct 18, 2021
edited

I believe this might be an issue with the URL rewrite by your reverse proxy.

Notice how the request URL shown by the browser devtools is correct, as in let's focus on this little chunk: filter=%7B%22status.

This is correct since %7B equals {, %22 equals ". However in your server log, it became filter=%257B%2522status. This meant the 2 percentage signs were decoded again unnecessarily, since %25 is %.

For example, this is also an issue (with solution) for Nginx when it's reverse proxy-ing other applications as discussed here: https://serverfault.com/questions/459369/disabling-url-decoding-in-nginx-proxy

Can you check is this something to do with your reverse proxy? (if it's not Nginx, then it'll be helpful if you can verify the equivalent "skip URL decoding" for your reverse proxy isn't doing the same thing like the link above)

I'll close this issue first as I don't think it's an issue with Directus, but you can still get back to us here or even reach out to our community members for insights in this matter in our Discord server 👍

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 3, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rijkvanzanten @kamilru @azrikahar