passman icon indicating copy to clipboard operation
passman copied to clipboard

Published 20 hours ago verified publisher icon nextcloud

503 Error connecting to passman from browser

Open georgedorn opened this issue 6 years ago • 2 comments

Bug report

Steps to reproduce

  1. Install Nextcloud
  2. Install Passman
  3. Install passman browser extension (firefox and chrome both tested)
  4. Attempt to configure browser extension

Expected behaviour

It should log into the passman app.

Actual behaviour

Request headers:

GET /nextcloud/index.php/apps/passman/api/v2/vaults HTTP/1.1
Host: my.host.here
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
accept: application/json, text/plain, */*
authorization: Basic Z2Rvcm46[etc]=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response headers:

HTTP/1.1 503 Service Unavailable
Date: Tue, 24 Apr 2018 05:00:33 GMT
Server: Apache/2.4.18 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-WFh[etc]='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
X-Frame-Options: SAMEORIGIN
Set-Cookie: ocx1w2cx2rhw=[etc]; path=/nextcloud; secure; HttpOnly
Set-Cookie: oc_sessionPassphrase=FBBo[etc]; path=/nextcloud; secure; HttpOnly
Set-Cookie: nc_sameSiteCookielax=true; path=/nextcloud; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
Set-Cookie: nc_sameSiteCookiestrict=true; path=/nextcloud; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

If I visit the url /nextcloud/index.php/apps/passman/api/v2/vaults in a browser that is logged into nextcloud, I get a useful JSON response:

[
  {
    "vault_id": 1,
    "guid": "1DD35883-2F41-[etc]",
    "name": "me",
    "created": 1524545051,
    "public_sharing_key": "-----BEGIN PUBLIC KEY-----\r[snip]-----END PUBLIC KEY-----\r\n",
    "last_access": 1524545981,
    "challenge_password": "long encoded password here",
    "delete_request_pending": false
  }
]

Configuration

Operating system:
Ubuntu 16.04

Browser:
Firefox ESR, Firefox 52, Chrome (latest at time of writing).

Extensions that might cause interference:
None on Chrome, loaded it specifically to test this.

Passman version:
2.1.4

Operating system: Ubuntu 16.04

Web server: Apache2

Database: PostgreSQL 9.5

PHP version: 7.0

cloud server: Nextcloud or ownCloud Nextcloud

cloud version: (see admin page or version.php) 13.0.1.1

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

georgedorn avatar Apr 24 '18 05:04 georgedorn

i have the same problem. image

/apps/passman/api/v2/vaults return a valid json.

:+1:

Passman extension for chrome 2.1.1

Owncloud 10.0.9

fpiccinali avatar Aug 14 '18 09:08 fpiccinali

Duplicate of https://github.com/nextcloud/passman-webextension/issues/253

fpiccinali avatar Aug 14 '18 10:08 fpiccinali