Flyspray - The bug killer!

  • Status Unconfirmed
  • Percent Complete
    0%
  • Task Type Information
  • Category Backend/Core
  • Assigned To No-one
  • Operating System All
  • Severity Low
  • Priority Very Low
  • Reported Version 1.0 devel (github master)
  • Due in Version Undecided
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Flyspray - The bug killer!
Opened by aducom - 03.06.2018

FS#2466 - How to run under https

I have changed the htaccess.dist into .htaccess and modified to force https.
However, despite having https activated on my site I cannot get Flyspray running, it’s waiting forever.When I abort I get a page without makeup. I have all other applications like cms and wiki running under https, so it is something I have not done in the flyspray configs obviously (as this site is running https too). But could you give me a hint?

I installed flyspray in a subdirectory, if that is something to know about...

regards, Albert

aducom commented on 03.06.2018 07:45

In addition, I have set the subdir but I think the issue is in the html header:

  <script type="text/javascript" src="https://www.phspeed.com:80/flyspray/js/prototype/prototype.js"></script>
  <script type="text/javascript" src="https://www.phspeed.com:80/flyspray/js/script.aculo.us/scriptaculous.js"></script>

I can't tell, but if I use the url without the :80 I am able to access the files. How can I prevent the :80 here?

Project Manager
peterdd commented on 03.06.2018 17:47

Mmh, all generated links are https://www.phspeed.com:80/flyspray/ Which should be https://www.phspeed.com/flyspray/

Most link generation use the $baseurl , which is set early in includes/constants.inc.php at between line 14-32.

Maybe a redirect loop?
Maybe Flyspray::absoluteURI() function produces that unwanted result?

What shows a simple wrap around

$baseurl = rtrim(Flyspray::absoluteURI($webdir),'/\\') . '/' ;

in includes/constants.inc.php? (around line 31 in that file current 1.0-rc7 dev)

echo '<pre>';
echo '$webdir is '.$webdir."\n";
    $baseurl = rtrim(Flyspray::absoluteURI($webdir),'/\\') . '/' ;
echo '$baseurl is '. $baseurl."\n";
echo '$_SERVER ';
print_r($_SERVER);
die();
Project Manager
peterdd commented on 03.06.2018 17:51

It seems you can also set
force_baseurl in your flyspray.conf.php

which is then used for overrule the automated stuff.

But better find the real reason.

aducom commented on 03.06.2018 20:34

I have created a ticket at my webhoster. If I find the reason (and solution) I will post it here. Otherwise I will try your work-arounds. Tnx for your response.

aducom commented on 14.06.2018 10:09

It is still under investigation, but the first reaction of the hoster was that the website (under e107) and wiki (mediawiki) where running well under https (they do) so that the issue should be found within the flyspray environment. That reaction was to be expected. I'll try your options.

Project Manager
peterdd commented on 14.06.2018 14:24

I think the error or misconfiguration is easy to locate by following https://bugs.flyspray.org/2466#comment5587

and showing the output of that code example change there.

Which version of Flyspray do you installed?

aducom commented on 15.06.2018 17:55

I'm using the current stable. I'm running it on another site on https without problems. So it must be something of the hoster config. However they advised me to set some rewrites that are already there in the .htaccess. I'll try your option.

aducom commented on 15.06.2018 18:08

You're right, baseurl is not giving the expected result:

$webdir is /flyspray
$baseurl is https://www.phspeed.com:80/flyspray/ $_SERVER Array
(

  [ONECOM_DOMAIN_NAME] => phspeed.com
  [ONECOM_DOMAIN_ROOT] => /customers/3/0/6/phspeed.com/
  [ONECOM_MEMORYLIMIT] => 1073741824
  [ONECOM_CPU_SHARES] => 1024
  [ONECOM_EXEC] => php7.0
  [ONECOM_DIR_LAYOUT_VER] => 0
  [CONTENT_LENGTH] => 0
  [HTTP_CONNECTION] => close
  [SCRIPT_NAME] => /flyspray/index.php
  [REQUEST_URI] => /flyspray/
  [QUERY_STRING] => 
  [REQUEST_METHOD] => GET
  [SERVER_PROTOCOL] => HTTP/1.1
  [GATEWAY_INTERFACE] => CGI/1.1
  [REMOTE_PORT] => 44942
  [SCRIPT_FILENAME] => /customers/3/0/6/phspeed.com/httpd.www/flyspray/index.php
  [SERVER_ADMIN] => support@one.com
  [REMOTE_ADDR] => 82.73.229.225
  [SERVER_PORT] => 80
  [SERVER_ADDR] => 10.27.19.23
  [SERVER_NAME] => www.phspeed.com
  [SERVER_SOFTWARE] => Apache
  [SERVER_SIGNATURE] => 
  [PATH] => /usr/local/bin:/usr/bin:/bin
  [HTTP_X_VARNISH] => 476976043
  [HTTP_X_ONECOM_HOST] => phspeed.com
  [HTTP_X_FORWARDED_PROTO] => https
  [HTTP_X_ONECOM_FORWARDED_PROTO] => https
  [HTTP_X_ONECOM_FORWARDED_IP] => 82.73.229.225
  [HTTP_X_FORWARDED_FOR] => 82.73.229.225
  [HTTP_CACHE_CONTROL] => max-age=0
  [HTTP_UPGRADE_INSECURE_REQUESTS] => 1
  [HTTP_COOKIE] => flyspray=c9d1sleeebrho9300fkpmtn9i3tenp0i; cookieconsent_dismissed=yes; PHsP_cookieSID=63g54dts8soodspjk024incqhnn80423hgae9jp9r6ovf2ejgrk4idk56o31u5q3nabjd69cdkfrs716kl09ipn9i1gfbvdfjhp2v43
  [HTTP_ACCEPT_ENCODING] => gzip, deflate, br
  [HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.5
  [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  [HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0
  [HTTP_SCHEME] => https
  [HTTP_HOST] => www.phspeed.com
  [HTTP_MOD_REWRITE_MEDIA] => On
  [HTTP_MOD_REWRITE] => On
  [ENV_VCV_ENV_ADDONS_ID] => one.com
  [ENV_VCV_TOKEN_URL] => https://wpapi.one.com/api/v1.0/plugins/visualcomposer/activate
  [ONECOM_WP_ADDONS_API] => https://wpapi.one.com
  [ONECOM_WEBSHOP_HOST] => webshop3.cst.webpod5-cph3.one.com
  [HTTPS] => on
  [ONECOM_TMPDIR] => /customers/3/0/6/phspeed.com//tmp
  [DOMAIN_NAME] => phspeed.com
  [ONECOM_DOCUMENT_ROOT] => /customers/3/0/6/phspeed.com/httpd.www
  [DOCUMENT_ROOT] => /customers/3/0/6/phspeed.com/httpd.www
  [ONECOM_CLIENT_IP] => 82.73.229.225
  [FCGI_ROLE] => RESPONDER
  [PHP_SELF] => /flyspray/index.php
  [REQUEST_TIME_FLOAT] => 1529086060.3722
  [REQUEST_TIME] => 1529086060

)

aducom commented on 15.06.2018 18:17

A quick (and very dirty solution for now)

  $baseurl = str_replace(':80','', rtrim(Flyspray::absoluteURI($webdir),'/\\') . '/' );
aducom commented on 20.06.2018 20:12

This solution was not sufficient, also assigning $baseurl directly with the correct url doesn't work fully. Once you logon you still get the :80 error. It is caused in the authenticate.php where Flyspray::Redirect(Req::val('return_to')); does not contain the correct value. Once I changed it to $baseurl it was working well (so far).

Project Manager
peterdd commented on 22.06.2018 23:12

Maybe this is related to FS#2142

Your $_SERVER vars like [HTTP_X_VARNISH] ⇒ 476976043

[HTTP_X_FORWARDED_PROTO] => https
[HTTP_X_ONECOM_FORWARDED_PROTO] => https
[HTTP_X_ONECOM_FORWARDED_IP]

indicates your hosting is using a proxy ? (I'm not familiar with 'reverse proxy', so if I' wrong correct me.)

Matt Hoskins commented on 18.07.2018 13:38

Yeah, that does look like there's an http reverse proxy (aka gateway). The port the headers are listing for the incoming connection being on is port 80, which is the http port and not the https one. It looks like the proxying is done over https nonetheless - perhaps worth asking the provider why [SERVER_PORT] is 80 for an https connection :)

The section of the flyspray code which decides whether or not to include the port number for an https protocol connection for the post-authentication url generation is in includes/class.flyspray.php and is this:

        if ($protocol == 'https' && $port == 443) {
            unset($port);
        }

I'm guessing in this flyspray instance setup it is seeing a $port of 80 so it's not unsetting it from inclusion in the url.

aducom - in my reverse proxy setup I edited that section to unset $port conditionally - if you know that you'll never access your flyspray instance via urls which include a port number you could just change it to always do unset($port). Of course you'll need to remember to reapply the same fix if you ever update (unless/until FS#2142 is sorted).

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing