diff options
-rw-r--r-- | doc/md/Troubleshooting.md | 81 |
1 files changed, 15 insertions, 66 deletions
diff --git a/doc/md/Troubleshooting.md b/doc/md/Troubleshooting.md index 78211809..01fd9840 100644 --- a/doc/md/Troubleshooting.md +++ b/doc/md/Troubleshooting.md | |||
@@ -1,64 +1,5 @@ | |||
1 | # Troubleshooting | 1 | # Troubleshooting |
2 | 2 | ||
3 | ## Browser | ||
4 | |||
5 | ### Redirection issues (HTTP Referer) | ||
6 | |||
7 | Depending on its configuration and installed plugins, the browser may remove or alter (spoof) HTTP referers, thus preventing Shaarli from properly redirecting between pages. | ||
8 | |||
9 | See: | ||
10 | |||
11 | - [HTTP referer](https://en.wikipedia.org/wiki/HTTP_referer) (Wikipedia) | ||
12 | - [Improve online privacy by controlling referrer information](http://www.ghacks.net/2015/01/22/improve-online-privacy-by-controlling-referrer-information/) | ||
13 | - [Better security, privacy and anonymity in Firefox](http://b.agilob.net/better-security-privacy-and-anonymity-in-firefox/) | ||
14 | |||
15 | ### Firefox HTTP Referer options | ||
16 | |||
17 | HTTP settings are available by browsing `about:config`, here are the available settings and their values. | ||
18 | |||
19 | `network.http.sendRefererHeader` - determines when to send the Referer HTTP header | ||
20 | |||
21 | - `0`: Never send the referring URL | ||
22 | - not recommended, may break some sites | ||
23 | - `1`: Send only on clicked links | ||
24 | - `2` (default): Send for links and images | ||
25 | |||
26 | `network.http.referer.XOriginPolicy` - Cross-domain origin policy | ||
27 | |||
28 | - `0` (default): Always send | ||
29 | - `1`: Send if base domains match | ||
30 | - `2`: Send if hosts match | ||
31 | |||
32 | `network.http.referer.spoofSource` - Referer spoofing (~faking) | ||
33 | |||
34 | - `false` (default): real referer | ||
35 | - `true`: spoof referer (use target URI as referer) | ||
36 | - known to break some functionality in Shaarli | ||
37 | |||
38 | `network.http.referer.trimmingPolicy` - trim the URI not to send a full Referer | ||
39 | |||
40 | - `0`: (default): send full URI | ||
41 | - `1`: scheme+host+port+path | ||
42 | - `2`: scheme+host+port | ||
43 | |||
44 | ### Firefox, localhost and redirections | ||
45 | |||
46 | `localhost` is not a proper Fully Qualified Domain Name (FQDN); if Firefox has | ||
47 | been set up to spoof referers, or only accept requests from the same base domain/host, | ||
48 | Shaarli redirections will not work properly. | ||
49 | |||
50 | To solve this, assign a local domain to your host, e.g. | ||
51 | ``` | ||
52 | 127.0.0.1 localhost desktop localhost.lan | ||
53 | ::1 localhost desktop localhost.lan | ||
54 | ``` | ||
55 | |||
56 | and browse Shaarli at http://localhost.lan/. | ||
57 | |||
58 | Related threads: | ||
59 | - [What is localhost.localdomain for?](https://bbs.archlinux.org/viewtopic.php?id=156064) | ||
60 | - [Stop returning to the first page after editing a bookmark from another page](https://github.com/shaarli/Shaarli/issues/311) | ||
61 | |||
62 | ## Login | 3 | ## Login |
63 | 4 | ||
64 | ### I forgot my password! | 5 | ### I forgot my password! |
@@ -69,12 +10,19 @@ Delete the file `data/config.json.php` and display the page again. You will be a | |||
69 | 10 | ||
70 | Login form is protected against brute force attacks: 4 failed logins will ban the IP address from login for 30 minutes. Banned IPs can still browse links. | 11 | Login form is protected against brute force attacks: 4 failed logins will ban the IP address from login for 30 minutes. Banned IPs can still browse links. |
71 | 12 | ||
72 | To remove the current IP bans, delete the file `data/ipbans.php` | 13 | - To remove the current IP bans, delete the file `data/ipbans.php` |
14 | - To list all login attempts, see `data/log.txt` (succesful/failed logins, bans/lifted bans) | ||
73 | 15 | ||
74 | ### List of all login attempts | 16 | ## Browser issues |
75 | 17 | ||
76 | The file `data/log.txt` shows all logins (successful or failed) and bans/lifted bans. | 18 | ### Redirection issues (HTTP Referer) |
77 | Search for `failed` in this file to look for unauthorized login attempts. | 19 | |
20 | Depending on its configuration and installed plugins, the browser may remove or alter (spoof) [HTTP referers](https://en.wikipedia.org/wiki/HTTP_referer), thus preventing Shaarli from properly redirecting between pages. Referer settings are available by browsing `about:config` and are documented [here](https://wiki.mozilla.org/Security/Referrer). `network.http.referer.spoofSource = true` in particular is known to break some functionality in Shaarli. | ||
21 | |||
22 | ### Firefox, localhost and redirections | ||
23 | |||
24 | `localhost` is not a proper Fully Qualified Domain Name (FQDN); if Firefox has been set up to spoof referers, or only accept requests from the same base domain/host, | ||
25 | Shaarli redirections will not work properly. To solve this, assign a local domain to your host, e.g. `localhost.lan` in your [hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) and browse Shaarli at http://localhost.lan/. | ||
78 | 26 | ||
79 | ## Hosting problems | 27 | ## Hosting problems |
80 | 28 | ||
@@ -123,10 +71,11 @@ This can be caused by several things: | |||
123 | - You may be using OperaTurbo or OperaMini, which use their own proxies which may change from time to time. | 71 | - You may be using OperaTurbo or OperaMini, which use their own proxies which may change from time to time. |
124 | - If you have another application on the same webserver where Shaarli is installed, these application may forcefully expire php sessions. | 72 | - If you have another application on the same webserver where Shaarli is installed, these application may forcefully expire php sessions. |
125 | 73 | ||
74 | ### Old apache versions, Internal Server Error | ||
75 | |||
76 | If you hosting provider only provides apache 2.2 and no support for `mod_version`, `.htaccess` files may cause 500 errors (Internal Server Error). See [this workaround](https://github.com/shaarli/Shaarli/issues/1196#issuecomment-412271085). | ||
77 | |||
126 | ## Sessions do not seem to work correctly on your server | 78 | ## Sessions do not seem to work correctly on your server |
127 | 79 | ||
128 | Follow the instructions in the error message. Make sure you are accessing shaarli via a direct IP address or a proper hostname. If you have **no dots** in the hostname (e.g. `localhost` or `http://my-webserver/shaarli/`), some browsers will not store cookies at all (this respects the [HTTP cookie specification](http://curl.haxx.se/rfc/cookie_spec.html)). | 80 | Follow the instructions in the error message. Make sure you are accessing shaarli via a direct IP address or a proper hostname. If you have **no dots** in the hostname (e.g. `localhost` or `http://my-webserver/shaarli/`), some browsers will not store cookies at all (this respects the [HTTP cookie specification](http://curl.haxx.se/rfc/cookie_spec.html)). |
129 | 81 | ||
130 | ## Old apache versions, Internal Server Error | ||
131 | |||
132 | If you hosting provider only provides apache 2.2 and no support for `mod_version`, `.htaccess` files may cause 500 errors (Internal Server Error). See [this workaround](https://github.com/shaarli/Shaarli/issues/1196#issuecomment-412271085). \ No newline at end of file | ||