Conversation
Notices
-
Embed this notice
silkevicious (silkevicious@libranet.de)'s status on Saturday, 20-Jul-2024 08:25:13 JST 
silkevicious
@support @alfred hi!
Today i was trying to connect from my app @fediphoto_lineage
After adding the instance server name usually spawn the authorization page, but now appears a white page with the text:
"Forbidden
You don't have the permission to access this resources."
Any ideas? Thank you! 😀-
Embed this notice
silkevicious (silkevicious@libranet.de)'s status on Sunday, 21-Jul-2024 20:03:44 JST
silkevicious
@alfred
User agent should be the default for android webview, and url is
https://$hostname/oauth/authorize?client_id=${app.clientId}&scope=$FEDI_REQUESTED_SCOPES&redirect_uri=${app.redirectUri}&response_type=code
@fediphoto_lineage -
Embed this notice
alfred (alfred@libranet.de)'s status on Sunday, 21-Jul-2024 20:03:46 JST
alfred
@silkevicious @fediphoto_lineage Hmm. I just found out that this could be related to a recent security fix for the Apache webserver. The encoded "?" isn't allowed in URLs anymore. Problem is, PHP is using this in the function "urlencode()". This would be bad. 😕
Another possibility is that the Friendica addon "blockbot" is blocking the client because it is using a generic User-Agent.
For the second possibility I have changed the config of that addon now.
Could you please retry again?
-
Embed this notice
silkevicious (silkevicious@libranet.de)'s status on Sunday, 21-Jul-2024 20:03:47 JST
silkevicious
@alfred @fediphoto_lineage tried but no luck -
Embed this notice
alfred (alfred@libranet.de)'s status on Sunday, 21-Jul-2024 20:03:48 JST
alfred
@silkevicious @fediphoto_lineage Can you try again, please? I have changed the server configuration. -
Embed this notice
silkevicious (silkevicious@libranet.de)'s status on Sunday, 21-Jul-2024 20:03:53 JST
silkevicious
@alfred ....and i just tried again but same result @fediphoto_lineage -
Embed this notice
alfred (alfred@libranet.de)'s status on Sunday, 21-Jul-2024 20:04:23 JST
alfred
@silkevicious @fediphoto_lineage Ok. Thank you! That's not good. It is the Apache issue then. The webserver itself is blocking the URL. There's a workaround to allow those URLs again but the related security issue is ranked as critical (9.1/10).
So, this must be fixed in Apache or by reworking all occurrences of encoded question marks in Friendicas code.
silkevicious likes this. -
Embed this notice
alfred (alfred@libranet.de)'s status on Saturday, 03-Aug-2024 04:50:24 JST
alfred
@silkevicious @alastor @fediphoto_lineage See here github.com/friendica/friendica… silkevicious likes this. -
Embed this notice
alfred (alfred@libranet.de)'s status on Saturday, 03-Aug-2024 04:50:25 JST
alfred
@silkevicious @alastor @fediphoto_lineage Honestly, I have no idea. I think it would be better if the URL for the authentication could be changed in Friendica. But I don't know if this can be done easily.
I'll ask this in the GitHub issue later today.
-
Embed this notice
alastor (alastor@libranet.de)'s status on Saturday, 03-Aug-2024 04:50:30 JST
alastor
@silkevicious @alfred @fediphoto_lineage
Hi there !
have the issue with Fedilab and also Tusky on android phone.
just for me to understand : do you think something will be done on Apache side ? -
Embed this notice
alfred (alfred@libranet.de)'s status on Sunday, 04-Aug-2024 23:29:58 JST
alfred
@silkevicious @alastor @fediphoto_lineage Fix is on the way... github.com/friendica/friendica… silkevicious likes this.
-
Embed this notice
All GNU social JP content and data are available under the