Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WWW-Authenticate sent twice #751

Closed
rfc2822 opened this issue Aug 5, 2016 · 1 comment
Closed

WWW-Authenticate sent twice #751

rfc2822 opened this issue Aug 5, 2016 · 1 comment
Labels
bug feature: dav

Comments

@rfc2822
Copy link
Contributor

rfc2822 commented Aug 5, 2016

Steps to reproduce

  1. Send an unauthenticated request, for instance HEAD /nextcloud/remote.php/dav
  2. Nextcloud returns the WWW-Authenticate: Basic realm="sabre/dav" header twice

Expected behaviour

WWW-Authenticate should only be sent once. It's not actually a problem, but it might be confusing for clients, and it seems like there is some flaw in the authentication logic.

Actual behaviour

WWW-Authenticate is sent twice.

Server configuration

Operating system: Debian GNU/Linux 8.4 (jessie)

Web server: Apache/2.4.10 (Debian)

Database: MySQL 5.5.49-0+deb7u1

PHP version: 5.6.19+dfsg-0+deb8u1

Nextcloud version: 9.0.51 (see Nextcloud admin page)

Updated from an older Nextcloud/ownCloud or fresh install: relatively fresh install, maybe minor updates

Where did you install Nextcloud from: .zip file

Signing status:

Signing status

No errors have been found.

List of activated apps:

App list

Enabled:
  - activity: 2.2.1
  - admin_audit: 1.0.0
  - calendar: 1.2.2
  - comments: 0.2
  - contacts: 1.3.1.0
  - dav: 0.1.6
  - federatedfilesharing: 0.1.0
  - federation: 0.0.4
  - files: 1.4.4
  - files_pdfviewer: 0.8.1
  - files_sharing: 0.9.1
  - files_texteditor: 2.1
  - files_trashbin: 0.8.0
  - files_versions: 1.2.0
  - files_videoplayer: 0.9.8
  - firstrunwizard: 1.1
  - gallery: 14.5.0
  - notifications: 0.2.3
  - provisioning_api: 0.4.1
  - systemtags: 0.2
  - tasks: 0.9.1
  - templateeditor: 0.1
  - updatenotification: 0.1.0
Disabled:
  - encryption
  - external
  - files_external
  - user_external
  - user_ldap

The content of config/config.php:

Config report

{
    "system": {
        "instanceid": "ocuh0gs6er9o",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "debian-test.lan"
        ],
        "datadirectory": "\/var\/www\/nextcloud\/data",
        "overwrite.cli.url": "http:\/\/debian-test.lan\/nextcloud",
        "dbtype": "sqlite3",
        "version": "9.0.51.0",
        "logtimezone": "UTC",
        "installed": true,
        "appstore.experimental.enabled": false
    }
}

Are you using external storage, if yes which one: no

Are you using encryption: no

Are you using an external user-backend, if yes which one: no

Client configuration

Browser: curl 7.47.1 (x86_64-redhat-linux-gnu) libcurl/7.47.1 NSS/3.23 Basic ECC zlib/1.2.8 libidn/1.33 libpsl/0.13.0 (+libidn/1.32) libssh2/1.7.0 nghttp2/1.7.1

Operating system: Fedora release 24 (Twenty Four)
@MorrisJobke
Copy link
Member

I can't reproduce this with current master anymore. On stable11 I still see this. As there is no real problem as of now I will close this, because it seems to be fixed with master/upcoming Nextcloud 12.

@nextcloud-bot nextcloud-bot mentioned this issue Nov 11, 2018
Closed
@Excpt0r Excpt0r mentioned this issue Jun 23, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug feature: dav
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rfc2822 @nickvergessen @MorrisJobke