Hello, Thank you Aravind SV for the private reply.
I'm just replying here for reference in case anyone else has a similar problem in the future. I have checked that both the “Site URL” and “Secure Site URL” in the “Server Configuration” (https://your-server/go/admin/config/server) point to the “https” URL. However this does not resolve the problem (unless there is a cache that needs clearing somewhere I'm not aware of) I have installed an older version of Firefox via PortableApps. I am able to use Firefox (v52) to make the required changes to the PipelineGroups (which is a short term workaround). So whatever the cause of the problem it is specific to something that is not accepted by the fully up to date browsers. I will try upgrading my GoCD instance in due course and see if that gives a better solution. Many thanks, Andy Andy Smith Head of Technical Development MapAction Mapping for people in crisis Douglas Court, 1-2 Seymour Business Park, Station Road, Chinnor, OX39 4HA t: +44 (0)1494 568 899 | mapaction.org | [email protected] Please note my regular working days are Tuesday to Friday For more information about the MapAction privacy policy see mapaction.org/privacy On Fri, 10 Jul 2020 at 16:11, [email protected] <[email protected]> wrote: > > Dear All, > > I have recently started having problems making changes to pipeline groups > via the Web UI. This server has been in use for a bit shy of a year and > there have been no recent changes to the configuration. I'd be very > grateful for any pointers for how to debug this please. > > Server details; GoCD Version: 19.10.0 on Ubuntu 18.04.3 LTS > > When I attempt to create a new pipeline group I now get this error message > in the browser: > > "Add New Pipeline Group > The change you wanted was rejected. > Maybe you tried to change something you didn't have access to. > If you are the application owner check the logs for more information." > > An error message is added to the logfile > `/var/log/go-server/go-server.log` (I've added the full stack trace at the > bottom of the email): > ``` > 2020-07-10 11:10:15,261 WARN [qtp1750626127-41] Rails:-2 - HTTP Origin > header (https://my.domain.com ) didn't match request.base_url ( > http://my.domain.com ) > 2020-07-10 11:10:15,275 ERROR [qtp1750626127-41] Rails:-1 - > 2020-07-10 11:10:15,276 ERROR [qtp1750626127-41] Rails:-1 - > ActionController::InvalidAuthenticityToken > (ActionController::InvalidAuthenticityToken): > 2020-07-10 11:10:15,276 ERROR [qtp1750626127-41] Rails:-1 - > 2020-07-10 11:10:15,277 ERROR [qtp1750626127-41] Rails:-1 - > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/request_forgery_protection.rb:211:in > `handle_unverified_request' > ``` > > The error message in the logfile refers to the "http" prefix for the site > URL, I have not been able to find anywhere in the any of the config files > which uses the http protocol, only the "https" protocol, though I may have > missed something. > > > I *can* perform the same actions via API: > ``` > curl 'https://my.domain.com/go/api/admin/pipeline_groups' -H > 'Authorization: Bearer my-access-token' -H 'Accept: > application/vnd.go.cd.v1+json' -H 'Content-Type: application/json' -X POST > -d '{"name":"group_created_via_api"}' > ``` > > I've had a google for the error message, and could only find these two > references: > https://github.com/gocd/gocd/issues/5296 > https://gitter.im/gocd/gocd?at=5bc97dd41e23486b93e2421f > > Both of these point to a problems with the reverse proxy server, specific > browsers and github oauth, though neither specify what details of the > problem might be. > > I do have a reverse proxy configured, using Apache. I used this guide when > setting it up: > https://docs.gocd.org/current/installation/configure-reverse-proxy.html > > However the configure of the reverse proxy has not changed since Oct 2019, > and it has been working fine up until a couple of days ago. Nothing is > logged in `/var/log/apache2/error.log` when the error occurs in the WebUI. > > I did upgrade Firefox recently to Firefox version: 78.0.2. The is the only > significant change I aware of in the past few days. I have tried and have > the same problem with Chrome version 83.0.4103.116 and MS Edge > 44.17763.831.0, though I don't know if or when they were working previously. > > Finally the problem effects users authenticated with any of the Google > OAuth, Github OAuth or filebased authentication. In each case the user has > system admin privileges. > > Does anyone have any suggestions as to what the problem might be? Or any > other information I need to find to help debug? > > Many thanks, > Andy > > > Full stacktrace as given in the logfile extract: > ``` > 2020-07-10 11:10:15,261 WARN [qtp1750626127-41] Rails:-2 - HTTP Origin > header (https://my.domain.com ) didn't match request.base_url ( > http://my.domain.com ) > 2020-07-10 11:10:15,275 ERROR [qtp1750626127-41] Rails:-1 - > 2020-07-10 11:10:15,276 ERROR [qtp1750626127-41] Rails:-1 - > ActionController::InvalidAuthenticityToken > (ActionController::InvalidAuthenticityToken): > 2020-07-10 11:10:15,276 ERROR [qtp1750626127-41] Rails:-1 - > 2020-07-10 11:10:15,277 ERROR [qtp1750626127-41] Rails:-1 - > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/request_forgery_protection.rb:211:in > `handle_unverified_request' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/request_forgery_protection.rb:243:in > `handle_unverified_request' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/request_forgery_protection.rb:238:in > `verify_authenticity_token' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:426:in > `block in make_lambda' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:179:in > `block in halting_and_conditional' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/abstract_controller/callbacks.rb:34:in > `block in Callbacks' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:180:in > `block in halting_and_conditional' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:513:in > `block in invoke_before' > org/jruby/RubyArray.java:1801:in `each' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:513:in > `invoke_before' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:131:in > `run_callbacks' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/abstract_controller/callbacks.rb:41:in > `process_action' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/rescue.rb:22:in > `process_action' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/instrumentation.rb:34:in > `block in process_action' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/notifications.rb:168:in > `block in instrument' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/notifications/instrumenter.rb:23:in > `instrument' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/notifications.rb:168:in > `instrument' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/instrumentation.rb:32:in > `process_action' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal/params_wrapper.rb:256:in > `process_action' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/abstract_controller/base.rb:134:in > `process' > gems/jruby/2.5.0/gems/actionview-5.2.2.1/lib/action_view/rendering.rb:32:in > `process' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal.rb:191:in > `dispatch' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_controller/metal.rb:252:in > `dispatch' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/routing/route_set.rb:52:in > `dispatch' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/routing/route_set.rb:34:in > `serve' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/journey/router.rb:52:in > `block in serve' > org/jruby/RubyArray.java:1801:in `each' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/journey/router.rb:35:in > `serve' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/routing/route_set.rb:840:in > `call' > gems/jruby/2.5.0/gems/versionist-1.7.0/lib/versionist/middleware.rb:39:in > `_call' > gems/jruby/2.5.0/gems/versionist-1.7.0/lib/versionist/middleware.rb:17:in > `call' > gems/jruby/2.5.0/gems/rack-2.0.6/lib/rack/tempfile_reaper.rb:15:in `call' > gems/jruby/2.5.0/gems/rack-2.0.6/lib/rack/etag.rb:25:in `call' > gems/jruby/2.5.0/gems/rack-2.0.6/lib/rack/conditional_get.rb:38:in `call' > gems/jruby/2.5.0/gems/rack-2.0.6/lib/rack/head.rb:12:in `call' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/http/content_security_policy.rb:18:in > `call' > uri:classloader:/jruby/rack/session_store.rb:79:in `context' > gems/jruby/2.5.0/gems/rack-2.0.6/lib/rack/session/abstract/id.rb:226:in > `call' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/cookies.rb:670:in > `call' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/callbacks.rb:28:in > `block in call' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/callbacks.rb:98:in > `run_callbacks' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/callbacks.rb:26:in > `call' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/debug_exceptions.rb:61:in > `call' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/show_exceptions.rb:33:in > `call' > gems/jruby/2.5.0/gems/railties-5.2.2.1/lib/rails/rack/logger.rb:38:in > `call_app' > gems/jruby/2.5.0/gems/railties-5.2.2.1/lib/rails/rack/logger.rb:28:in > `call' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/remote_ip.rb:81:in > `call' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/request_id.rb:27:in > `call' > gems/jruby/2.5.0/gems/rack-2.0.6/lib/rack/method_override.rb:22:in `call' > gems/jruby/2.5.0/gems/rack-2.0.6/lib/rack/runtime.rb:22:in `call' > gems/jruby/2.5.0/gems/activesupport-5.2.2.1/lib/active_support/cache/strategy/local_cache_middleware.rb:29:in > `call' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/executor.rb:14:in > `call' > gems/jruby/2.5.0/gems/actionpack-5.2.2.1/lib/action_dispatch/middleware/static.rb:127:in > `call' > gems/jruby/2.5.0/gems/rack-2.0.6/lib/rack/sendfile.rb:111:in `call' > gems/jruby/2.5.0/gems/railties-5.2.2.1/lib/rails/engine.rb:524:in `call' > uri:classloader:/rack/handler/servlet.rb:22:in `call' > ``` > > -- > You received this message because you are subscribed to the Google Groups > "go-cd" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/go-cd/f9a6339c-a374-4004-bcab-74324cf7246dn%40googlegroups.com > <https://groups.google.com/d/msgid/go-cd/f9a6339c-a374-4004-bcab-74324cf7246dn%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/go-cd/CAM5WB9C%2BDKvQHB8A073ysFAq0t4SfboqmDw4G3m5%2BeLJhYJQow%40mail.gmail.com.
