Steps to reproduce
Trying to fav files like jpg, png, css
Expected behaviour
setting yellow fav-star
Actual behaviour
Error message “An error occurred while trying to update the tags”
Server configuration
Operating system: CentOS Linux Version 7
Web server: Apache (on Managed Cloud Service)
Database: MySQL
PHP version: 7.4.33
ownCloud version: 10.13.4.1
Updated from an older ownCloud or fresh install: updated
Where did you install ownCloud from: stable | download.owncloud.com
Signing status (ownCloud 9.0 and above): No errors have been found.
The content of config/config.php:
List of activated apps:
Enabled:
- activity:
- Version: 2.7.2
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/activity
- brute_force_protection:
- Version: 1.3.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/brute_force_pr otection
- comments:
- Version: 0.3.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/comments
- configreport:
- Version: 0.2.2
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/configreport
- dav:
- Version: 0.7.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/dav
- diagnostics:
- Version: 0.2.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/diagnostics
- encryption:
- Version: 1.6.1
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/encryption
- external:
- Version: 1.4.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/external
- extract:
- Version: 1.3.6
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/extract
- federatedfilesharing:
- Version: 0.5.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/federatedfilesharing
- federation:
- Version: 0.1.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/federation
- files:
- Version: 1.6.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files
- files_clipboard:
- Version: 1.0.3
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/files_clipboar d
- files_mediaviewer:
- Version: 1.0.5
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_mediaviewer
- files_pdfviewer:
- Version: 1.0.2
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/files_pdfviewe r
- files_sharing:
- Version: 0.14.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_sharing
- files_trashbin:
- Version: 0.9.1
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_trashbin
- files_versions:
- Version: 1.3.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_versions
- guests:
- Version: 0.12.4
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/guests
- Theme:
- Version: 1.0.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/Theme
- impersonate:
- Version: 0.6.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/impersonate
- market:
- Version: 0.8.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/market
- onlyoffice:
- Version: 8.2.3
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/onlyoffice
- provisioning_api:
- Version: 0.5.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/provisioning_api
- twofactor_totp:
- Version: 0.9.0
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/twofactor_totp
- updatenotification:
- Version: 0.2.1
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/updatenotification
Disabled:
- admin_audit:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/admin_audit
- announcementcenter:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/announcementce nter
- customgroups:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/customgroups
- drawio:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/drawio
- enterprise_key:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/enterprise_key
- files_antivirus:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_antivirus
- files_classifier:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_classifier
- files_external:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_external
- files_external_dropbox:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_external_dropbox
- files_external_ftp:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_external_ftp
- files_ldap_home:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_ldap_home
- files_lifecycle:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps-external/files_lifecycl e
- files_primary_s3:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_primary_s3
- files_texteditor:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/files_texteditor
- firewall:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/firewall
- firstrunwizard:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/firstrunwizard
- graphapi:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/graphapi
- openidconnect:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/openidconnect
- password_policy:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/password_policy
- ransomware_protection:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/ransomware_protection
- sharepoint:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/sharepoint
- systemtags:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/systemtags
- systemtags_management:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/systemtags_management
- theme-enterprise:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/theme-enterprise
- user_external:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/user_external
- user_shibboleth:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/user_shibboleth
- web:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/web
- wopi:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/wopi
- workflow:
- Path: /var/www/vhosts/***REMOVED SENSITIVE VALUE***/htdocs/apps/workflow
Are you using external storage, if yes which one: no
Are you using encryption: yes
Are you using an external user-backend, if yes which one: WebDAV
Client configuration
Browser: testet on latest Firefox and Chrome
Operating system: Win 11
Logs
Web server error log:
let me know if necessary
ownCloud log (data/owncloud.log):
Even with a high level of detail, no entries can be found in a chronological or content-related context.
Browser log:
XHRPOST
https://***REMOVED SENSITIVE VALUE***/apps/files/api/v1/files/***REMOVED SENSITIVE VALUE***.jpg
[HTTP/1.1 405 Method Not Allowed 120ms]
POST
https://***REMOVED SENSITIVE VALUE***/apps/files/api/v1/files/***REMOVED SENSITIVE VALUE***.jpg
Status
405
Method Not Allowed
VersionHTTP/1.1
Übertragen2,01 kB (0 B Größe)
Referrer Policyno-referrer
Anfrage-PrioritätHighest
DNS-AuflösungSystem
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Mar 2024 09:42:41 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Robots-Tag
none
X-XSS-Protection
0
Accept
application/json, text/javascript, */*; q=0.01
Accept-Encoding
gzip, deflate, br
Accept-Language
de_DE
Connection
keep-alive
Content-Length
29
Content-Type
application/json
Cookie
borlabs-cookie=***REMOVED SENSITIVE VALUE***
Host
***REMOVED SENSITIVE VALUE***
OCS-APIREQUEST
true
Origin
https://***REMOVED SENSITIVE VALUE***
requesttoken
***REMOVED SENSITIVE VALUE***
Sec-Fetch-Dest
empty
Sec-Fetch-Mode
cors
Sec-Fetch-Site
same-origin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:123.0) Gecko/20100101 Firefox/123.0
X-Requested-With
XMLHttpRequest
Additional details
Our htaccess contains a few lines of “hardening”:
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteRule ^favicon.ico$ core/img/favicon.ico [L]
RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
RewriteCond %{REQUEST_URI} !\.(css|js|svg|gif|png|html|ttf|woff|ico|jpg|jpeg|json|properties)$
RewriteCond %{REQUEST_URI} !\.(min|js|auto)\.map$
RewriteCond %{REQUEST_URI} !^/core/img/favicon\.ico$
RewriteCond %{REQUEST_URI} !^/robots\.txt$
RewriteCond %{REQUEST_URI} !^/remote\.php
RewriteCond %{REQUEST_URI} !^/public\.php
RewriteCond %{REQUEST_URI} !^/cron\.php
RewriteCond %{REQUEST_URI} !^/core/ajax/update\.php
RewriteCond %{REQUEST_URI} !^/status\.php$
RewriteCond %{REQUEST_URI} !^/ocs/v1\.php
RewriteCond %{REQUEST_URI} !^/ocs/v2\.php
RewriteCond %{REQUEST_URI} !^/updater/
RewriteCond %{REQUEST_URI} !^/ocs-provider/
RewriteCond %{REQUEST_URI} !^/ocm-provider/
RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
RewriteRule . index.php [PT,E=PATH_INFO:$1]
RewriteBase /
<IfModule mod_env.c>
SetEnv front_controller_active true
<IfModule mod_dir.c>
DirectorySlash off
</IfModule>
</IfModule>
</IfModule>
Apparently, it is precisely these file formats that cannot be marked, whereas others work. We had removed the lines as a test, but they are added again when occ maintenance:update:htaccess is executed. Is this default behaviour or perhaps the cause of our problem?