403 Forbidden error while making a server request that doesn't allow anonymous user

[EmilieCrx]

Hi, In version 4.11.0, we get a 403 Forbidden error with the message “Oops… there was a problem during the request. …” while making an ajax request as an anonymous user like sorting a column (in any report). When the LoginLDAP plugin is deactivated the error no longer occurs. Do we need to change anything in the plugin configuration to fix this problem?

[EmilieCrx]

Here is an example of Ajax query: https://server_url/index.php?date=today&module=CoreHome&action=saveViewDataTableParameters&report_id=Actions.getPageUrls&containerId=&idSite=2&period=month

[snake14]

Hi @EmilieCrx . Thank you for taking the time to create this issue. I believe I was able to reproduce the issue using the following URL: https://my_domain/index.php?date=2022-09-05&module=CoreHome&action=saveViewDataTableParameters&report_id=Live.getLastVisitsDetails&containerId=&idSite=1&period=day. I went to the Visits Log and changed the page size. When I had the LDAP plugin enabled, the saveViewDataTableParameters request failed, but it didn't when I had the LDAP plugin disabled. I will mark this issue to be prioritised by our product team.

[justinvelluppillai]

@jane-twizel are you able to see this repo/issue?

[EmilieCrx]

Hi @snake14 and @justinvelluppillai, The error does not occur anymore after updating matomo to version 4.13.3 and LoginLdap plugin to version 4.5.4.

[AltamashShaikh]

@snake14 Can you check if its still reproducible and close it if not ?

[EmilieCrx]

Sorry the problem is still there, I leave it open.

[snake14]

@AltamashShaikh Yes. I was able to reproduce the 403 response with Matomo 4.13.3 and LoginLdap version 4.7.1