[GH-ISSUE #59] Handling of Secure Connection Errors #59

New issue

Closed

opened 2026-02-25 22:36:00 +03:00 by kerem · 5 comments

kerem commented 2026-02-25 22:36:00 +03:00

Owner

Copy link

Originally created by @SomePoorBastard on GitHub (Mar 25, 2018).
Original GitHub issue: https://github.com/floccusaddon/floccus/issues/59

Software versions

Browser(s):

Google Chrome

chrome://version

Google Chrome | 65.0.3325.181 (Official Build) (64-bit)
           -- | --
     Revision | dc3469be277cc962ba01d9c0cb5bb1a265676c36-refs/branch-heads/3325@{#725}
           OS | Linux      
   JavaScript | V8 6.5.254.41

Firefox

(To Be Amended on next test case)

Nextcloud: 13.0.1

Nextcloud Bookmarks app: 0.11.0

Floccus: 2.0.0

Steps to reproduce

1. Set up Nextcloud 13.0.1 using a self-signed certificate or a certificate chain with an untrusted certificate authority.
2. Install Nextcloud Bookmarks Version 0.11.0 (same revision as specified in Issue #56)
3. Install Floccus 2.0.0 on Google Chrome 65.0.3325.181 (or similar) and add a test account on the prepared Nextcloud service.
4. The error should appear at this point when you attempt to perform a synchronization.

Expected outcome

One of two outcomes:

1. A warning/error message under the extension's account window where the user is alerted to security session errors and possible solutions to those errors the user can take.
2. A dialog/message/setting recommendation to ask to enable trust of specific/all self-signed certificates (that last part with [all] self-signed certs may be a bad idea) under the extension's account window.
   ...

Actual outcome

1. An error status symbol under the extension's account window, which, when hovered over with the mouse, displays the "Failed to Fetch" message.
   ...

Additional Information

Floccus Logfile (Scrubbed of P.I.I. & replaced with dummy data)

Notes

The first two errors I believe were when when I forced a sync with development mode off. After turning development mode on, then opening the console and attempted to reproduce in front of my eyes, it successfully completed a synchronization. lol...

Originally created by @SomePoorBastard on GitHub (Mar 25, 2018). Original GitHub issue: https://github.com/floccusaddon/floccus/issues/59 <!-- Hello there! Thank you for providing feedback! Please answer the below questions to allow for as smooth a process of tackling the issue as possible :) --> ### Software versions <!-- Please provide the versions of the following software products in your set up --> #### Browser(s): ##### Google Chrome chrome://version ``` Google Chrome | 65.0.3325.181 (Official Build) (64-bit) -- | -- Revision | dc3469be277cc962ba01d9c0cb5bb1a265676c36-refs/branch-heads/3325@{#725} OS | Linux JavaScript | V8 6.5.254.41 ``` ##### Firefox (To Be Amended on next test case) #### Nextcloud: 13.0.1 #### Nextcloud Bookmarks app: 0.11.0 #### Floccus: 2.0.0 ### Steps to reproduce <!-- What did you do? Be as specific as possible --> 1. Set up Nextcloud 13.0.1 using a self-signed certificate or a certificate chain with an untrusted certificate authority. 2. Install Nextcloud Bookmarks Version 0.11.0 (same revision as specified in Issue #56) 3. Install Floccus 2.0.0 on Google Chrome 65.0.3325.181 (or similar) and add a test account on the prepared Nextcloud service. 4. The error should appear at this point when you attempt to perform a synchronization. ### Expected outcome <!-- What did you think was going to happen or what do you think should have happened? --> One of two outcomes: 1. A warning/error message under the extension's account window where the user is alerted to security session errors and possible solutions to those errors the user can take. 2. A dialog/message/setting recommendation to ask to enable trust of specific/all self-signed certificates (that last part with [all] self-signed certs may be a bad idea) under the extension's account window. ... ### Actual outcome <!-- What actually happened after you did the above steps? --> 1. An error status symbol under the extension's account window, which, when hovered over with the mouse, displays the "Failed to Fetch" message. ... ### Additional Information [Floccus Logfile ](https://gist.github.com/SomePoorBastard/3e29438dbe4d38266f00d8e457fd0582)(Scrubbed of P.I.I. & replaced with dummy data) ### Notes The first two errors I believe were when when I forced a sync with development mode off. After turning development mode on, then opening the console and attempted to reproduce in front of my eyes, it successfully completed a synchronization. lol...

kerem 2026-02-25 22:36:00 +03:00

• closed this issue
• added the
  bug
  waiting for more information
  labels

kerem commented 2026-02-25 22:36:00 +03:00

Author

Owner

Copy link

@marcelklehr commented on GitHub (Mar 25, 2018):

Mh. Are you able to login using the normal nextcloud frontend in the same browser? The fact that it worked the second time you tried is strange, as a certificate error usually doesn't resolve itself. It might be that nextcloud banned your ip after too many requests before?

<!-- gh-comment-id:375977430 --> @marcelklehr commented on GitHub (Mar 25, 2018): Mh. Are you able to login using the normal nextcloud frontend in the same browser? The fact that it worked the second time you tried is strange, as a certificate error usually doesn't resolve itself. It might be that nextcloud banned your ip after too many requests before?

kerem commented 2026-02-25 22:36:00 +03:00

Author

Owner

Copy link

@SomePoorBastard commented on GitHub (Mar 25, 2018):

I had definitely logged in just before according to my web history, but it's hard to say exactly what happened without diving into the server logs. I'll take a peek at those shortly.

<!-- gh-comment-id:375985088 --> @SomePoorBastard commented on GitHub (Mar 25, 2018): I had definitely logged in just before according to my web history, but it's hard to say exactly what happened without diving into the server logs. I'll take a peek at those shortly.

kerem commented 2026-02-25 22:36:00 +03:00

Author

Owner

Copy link

@SomePoorBastard commented on GitHub (Mar 27, 2018):

I'm not sure how long a ban lasts in Nextcloud's brute-force detection blacklist. Here is a snip from the logs at the time; starting at the time the requests were made:

{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OC\\Authentication\\Token\\DefaultTokenCleanupJob job with ID 203","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Invalidating session tokens older than 2018-03-24T03:00:00+00:00","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Invalidating remembered session tokens older than 2018-03-10T03:00:00+00:00","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OC\\Authentication\\Token\\DefaultTokenCleanupJob job with ID 203 in 0 seconds","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Files_Sharing\\DeleteOrphanedSharesJob job with ID 7","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"DeleteOrphanedSharesJob","method":"--","url":"--","message":"0 orphaned share(s) deleted","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\Files_Sharing\\DeleteOrphanedSharesJob job with ID 7 in 0 seconds","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Files\\BackgroundJob\\CleanupFileLocks job with ID 4","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\Files\\BackgroundJob\\CleanupFileLocks job with ID 4 in 0 seconds","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OC\\Log\\Rotate job with ID 204","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OC\\Log\\Rotate job with ID 204 in 0 seconds","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Files_Trashbin\\BackgroundJob\\ExpireTrash job with ID 11","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\Files_Trashbin\\BackgroundJob\\ExpireTrash job with ID 11 in 0 seconds","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\User_LDAP\\Jobs\\CleanUp job with ID 29","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\User_LDAP\\Jobs\\CleanUp job with ID 29 in 0 seconds","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Activity\\BackgroundJob\\EmailNotification job with ID 13","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\Activity\\BackgroundJob\\EmailNotification job with ID 13 in 0 seconds","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\UpdateNotification\\ResetTokenBackgroundJob job with ID 194","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\UpdateNotification\\ResetTokenBackgroundJob job with ID 194 in 0 seconds","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OC\\Authentication\\Token\\DefaultTokenCleanupJob job with ID 15","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Invalidating session tokens older than 2018-03-24T03:00:01+00:00","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Invalidating remembered session tokens older than 2018-03-10T03:00:01+00:00","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OC\\Authentication\\Token\\DefaultTokenCleanupJob job with ID 15 in 0 seconds","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Files\\BackgroundJob\\ScanFiles job with ID 2","userAgent":"--","version":"13.0.1.1"}
{"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\Files\\BackgroundJob\\ScanFiles job with ID 2 in 0 seconds","userAgent":"--","version":"13.0.1.1"}
{"reqId":"OIlP75gT3VlJ9BwJYx4j","level":1,"time":"March 25, 2018 03:11:15","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"OIlP75gT3VlJ9BwJYx4j","level":1,"time":"March 25, 2018 03:11:15","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"OIlP75gT3VlJ9BwJYx4j","level":1,"time":"March 25, 2018 03:11:15","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Logout occurred","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"OIlP75gT3VlJ9BwJYx4j","level":1,"time":"March 25, 2018 03:11:15","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"OIlP75gT3VlJ9BwJYx4j","level":1,"time":"March 25, 2018 03:11:15","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"zCC4WcW9riuG0YFtofvB","level":1,"time":"March 25, 2018 03:11:17","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"JBh8Q32Iugjpns3OEhz0","level":1,"time":"March 25, 2018 03:11:17","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"TWq5ZHPLPaM92aOwTNjN","level":1,"time":"March 25, 2018 03:11:17","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"zCC4WcW9riuG0YFtofvB","level":1,"time":"March 25, 2018 03:11:17","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"TWq5ZHPLPaM92aOwTNjN","level":1,"time":"March 25, 2018 03:11:17","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"JBh8Q32Iugjpns3OEhz0","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"zCC4WcW9riuG0YFtofvB","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Logout occurred","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"zCC4WcW9riuG0YFtofvB","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"TWq5ZHPLPaM92aOwTNjN","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Logout occurred","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"TWq5ZHPLPaM92aOwTNjN","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"JBh8Q32Iugjpns3OEhz0","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Logout occurred","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"JBh8Q32Iugjpns3OEhz0","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"zCC4WcW9riuG0YFtofvB","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"TWq5ZHPLPaM92aOwTNjN","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"JBh8Q32Iugjpns3OEhz0","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"4rI6KzRPINpvnl8hmFmo","level":1,"time":"March 25, 2018 03:11:25","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"4rI6KzRPINpvnl8hmFmo","level":1,"time":"March 25, 2018 03:11:25","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"4rI6KzRPINpvnl8hmFmo","level":1,"time":"March 25, 2018 03:11:25","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Logout occurred","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"4rI6KzRPINpvnl8hmFmo","level":1,"time":"March 25, 2018 03:11:25","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"4rI6KzRPINpvnl8hmFmo","level":1,"time":"March 25, 2018 03:11:25","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"}
{"reqId":"LxJIdQOKqOpLyFnIN45e","level":0,"time":"March 25, 2018 03:15:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Files\\BackgroundJob\\CleanupFileLocks job with ID 4","userAgent":"--","version":"13.0.1.1"}

Not much to go on from a report's perspective. The only peculiar thing is the GET requests which specify a bookmark with a negative number for a page.

Anyways, I have changed the certificate used by the web-server of my Nextcloud Instance so the SAN matches the IP address I have set up for it. While I also have a DNS name inside the SAN, the DNS server is on a different network segment than the device I am using with Firefox. The device using Chrome however, is on the same network segment, but did not yet trust the certificate because it did not trust the CA the certificate was issued through. I have fixed this and can confirm that I have had no further problems on my end.

Since you seem to be using a specific API to implement this for Firefox, I believe that choosing to trust or distrust self-signed certificates is out-of-scope, despite my preferences to have such a feature included. I imagine this functionality would simply defer to the browser's trust with the Nextcloud Instance accessed. It would be a low-priority, but useful feature however to determine whether a connection is insecure, and simply refuse to use it unless it is acceptably secure.

I'll leave it to you to close as "will not implement", or keeo open as a future feature request.

<!-- gh-comment-id:376389426 --> @SomePoorBastard commented on GitHub (Mar 27, 2018): I'm not sure how long a ban lasts in Nextcloud's brute-force detection blacklist. Here is a snip from the logs at the time; starting at the time the requests were made: ``` {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OC\\Authentication\\Token\\DefaultTokenCleanupJob job with ID 203","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Invalidating session tokens older than 2018-03-24T03:00:00+00:00","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Invalidating remembered session tokens older than 2018-03-10T03:00:00+00:00","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OC\\Authentication\\Token\\DefaultTokenCleanupJob job with ID 203 in 0 seconds","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Files_Sharing\\DeleteOrphanedSharesJob job with ID 7","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"DeleteOrphanedSharesJob","method":"--","url":"--","message":"0 orphaned share(s) deleted","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\Files_Sharing\\DeleteOrphanedSharesJob job with ID 7 in 0 seconds","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Files\\BackgroundJob\\CleanupFileLocks job with ID 4","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\Files\\BackgroundJob\\CleanupFileLocks job with ID 4 in 0 seconds","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OC\\Log\\Rotate job with ID 204","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OC\\Log\\Rotate job with ID 204 in 0 seconds","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Files_Trashbin\\BackgroundJob\\ExpireTrash job with ID 11","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\Files_Trashbin\\BackgroundJob\\ExpireTrash job with ID 11 in 0 seconds","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\User_LDAP\\Jobs\\CleanUp job with ID 29","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\User_LDAP\\Jobs\\CleanUp job with ID 29 in 0 seconds","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Activity\\BackgroundJob\\EmailNotification job with ID 13","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\Activity\\BackgroundJob\\EmailNotification job with ID 13 in 0 seconds","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\UpdateNotification\\ResetTokenBackgroundJob job with ID 194","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\UpdateNotification\\ResetTokenBackgroundJob job with ID 194 in 0 seconds","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OC\\Authentication\\Token\\DefaultTokenCleanupJob job with ID 15","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Invalidating session tokens older than 2018-03-24T03:00:01+00:00","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Invalidating remembered session tokens older than 2018-03-10T03:00:01+00:00","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OC\\Authentication\\Token\\DefaultTokenCleanupJob job with ID 15 in 0 seconds","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Files\\BackgroundJob\\ScanFiles job with ID 2","userAgent":"--","version":"13.0.1.1"} {"reqId":"enKVbvCSQhCsoTRXs8RI","level":0,"time":"March 25, 2018 03:00:01","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Finished OCA\\Files\\BackgroundJob\\ScanFiles job with ID 2 in 0 seconds","userAgent":"--","version":"13.0.1.1"} {"reqId":"OIlP75gT3VlJ9BwJYx4j","level":1,"time":"March 25, 2018 03:11:15","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"OIlP75gT3VlJ9BwJYx4j","level":1,"time":"March 25, 2018 03:11:15","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"OIlP75gT3VlJ9BwJYx4j","level":1,"time":"March 25, 2018 03:11:15","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Logout occurred","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"OIlP75gT3VlJ9BwJYx4j","level":1,"time":"March 25, 2018 03:11:15","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"OIlP75gT3VlJ9BwJYx4j","level":1,"time":"March 25, 2018 03:11:15","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"zCC4WcW9riuG0YFtofvB","level":1,"time":"March 25, 2018 03:11:17","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"JBh8Q32Iugjpns3OEhz0","level":1,"time":"March 25, 2018 03:11:17","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"TWq5ZHPLPaM92aOwTNjN","level":1,"time":"March 25, 2018 03:11:17","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"zCC4WcW9riuG0YFtofvB","level":1,"time":"March 25, 2018 03:11:17","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"TWq5ZHPLPaM92aOwTNjN","level":1,"time":"March 25, 2018 03:11:17","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"JBh8Q32Iugjpns3OEhz0","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"zCC4WcW9riuG0YFtofvB","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Logout occurred","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"zCC4WcW9riuG0YFtofvB","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"TWq5ZHPLPaM92aOwTNjN","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Logout occurred","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"TWq5ZHPLPaM92aOwTNjN","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"JBh8Q32Iugjpns3OEhz0","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Logout occurred","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"JBh8Q32Iugjpns3OEhz0","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"zCC4WcW9riuG0YFtofvB","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"TWq5ZHPLPaM92aOwTNjN","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"JBh8Q32Iugjpns3OEhz0","level":1,"time":"March 25, 2018 03:11:18","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"POST","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"4rI6KzRPINpvnl8hmFmo","level":1,"time":"March 25, 2018 03:11:25","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"4rI6KzRPINpvnl8hmFmo","level":1,"time":"March 25, 2018 03:11:25","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"4rI6KzRPINpvnl8hmFmo","level":1,"time":"March 25, 2018 03:11:25","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Logout occurred","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"4rI6KzRPINpvnl8hmFmo","level":1,"time":"March 25, 2018 03:11:25","remoteAddr":"192.168.2.22","user":"--","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login attempt: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"4rI6KzRPINpvnl8hmFmo","level":1,"time":"March 25, 2018 03:11:25","remoteAddr":"192.168.2.22","user":"SomePoorBastard","app":"admin_audit","method":"GET","url":"\/index.php\/apps\/bookmarks\/public\/rest\/v2\/bookmark?page=-1","message":"Login successful: \"SomePoorBastard\"","userAgent":"Mozilla\/5.0 (X11; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.1.1"} {"reqId":"LxJIdQOKqOpLyFnIN45e","level":0,"time":"March 25, 2018 03:15:00","remoteAddr":"","user":"--","app":"cron","method":"--","url":"--","message":"Run OCA\\Files\\BackgroundJob\\CleanupFileLocks job with ID 4","userAgent":"--","version":"13.0.1.1"} ``` Not much to go on from a report's perspective. The only peculiar thing is the GET requests which specify a bookmark with a negative number for a page. Anyways, I have changed the certificate used by the web-server of my Nextcloud Instance so the SAN matches the IP address I have set up for it. While I also have a DNS name inside the SAN, the DNS server is on a different network segment than the device I am using with Firefox. The device using Chrome however, is on the same network segment, but did not yet trust the certificate because it did not trust the CA the certificate was issued through. I have fixed this and can confirm that I have had no further problems on my end. Since you seem to be using a specific API to implement this for Firefox, I believe that choosing to trust or distrust self-signed certificates is out-of-scope, despite my preferences to have such a feature included. I imagine this functionality would simply defer to the browser's trust with the Nextcloud Instance accessed. It would be a low-priority, but useful feature however to determine whether a connection is insecure, and simply refuse to use it unless it is acceptably secure. I'll leave it to you to close as "will not implement", or keeo open as a future feature request.

kerem commented 2026-02-25 22:36:00 +03:00

Author

Owner

Copy link

@marcelklehr commented on GitHub (Mar 27, 2018):

I'm glad it works for you, now. :) I've improved error handling for network errors, so it's more obvious what is the problem with this kind of errors. Disallowing raw http URLs seems like a good idea, though! I will open a separate issue for this :)

<!-- gh-comment-id:376429356 --> @marcelklehr commented on GitHub (Mar 27, 2018): I'm glad it works for you, now. :) I've improved error handling for network errors, so it's more obvious what is the problem with this kind of errors. Disallowing raw http URLs seems like a good idea, though! I will open a separate issue for this :)

kerem commented 2026-02-25 22:36:00 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Mar 21, 2023):

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

<!-- gh-comment-id:1478280517 --> @github-actions[bot] commented on GitHub (Mar 21, 2023): This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

dependabot/npm_and_yarn/fast-xml-parser-5.7.0

dependabot/npm_and_yarn/xmldom/xmldom-0.8.13

dependabot/npm_and_yarn/protocol-buffers-schema-3.6.1

master

fix/xml-entity-limit

all-contributors/add-aaryanvangari

fix/subscanner-residuals

test/subscanner-residuals

test/problematic-seeds

perf/improve-build-time

perf/native-startup

fix/continuation-null-cheks

dropbox

fix/clear-indexeddb-after-sync

dependabot/npm_and_yarn/vuetify-3.11.4

fix/slim-down-continuation

test/background-worker

refactor/fail-build-if-native-uses-browser-api

feat/improve-failsafe-wording

dependabot/npm_and_yarn/multi-0520f5abeb

feat/release-build

fix/more-mapping-errors

dependabot/npm_and_yarn/intl-messageformat-10.7.18

enh/split-sync-interval-and-auto-sync

enh/gdrive-timeout

feat/safari

feat/capabilities

feat/xxhash3

feat/murmur3

fix/gdrive-error-handling

fix/correctness-fixes

fix/linkwarden

feat/orion

fix/nocache-tests

feat/tab-groups

fix/git-never-force-push

fix/xbel-parse-errors

fix/git-push-errors

fix/chrome-main-folder-ids

dependabot/npm_and_yarn/multi-a9f852c250

chore/use-local-linkwarden-container-in-ci

all-contributors/add-balthanon

dependabot/npm_and_yarn/multi-7c5da94753

fix/revert-indexeddb-logger

fix/acknowlegde-abuse

dependabot/npm_and_yarn/eslint-import-resolver-webpack-0.13.10

fix/rip-out-continuations

fix/webdav-filesize-depth-header

fix/changes-while-syncing

fix/addition-failsafe-minimum

feat/indexeddb-logs

feat/addition-failsafe

fix/webdav-check-filesize

fix/orion

fix/bounded-exponential-backoff

fix/dont-repeat-on-sync-fail

fix-tests

fix/speedup-tab-update-cb

all-contributors/add-andybalaam

all-contributors/add-macrogreg

fix/parse-tag-value

fix/cleanup-deps

refactor/partial-set-data-with-lock

fix/nc-bookmarks-update

fix/move-stabiltiy-same-titled-folders

fix/ios-share-extension

fix/update-selenium

fix/chrome-net-errors

enh/nc-bm-js

sentry

fix/unidirectional-scanner-shoudl-use-mappings

enh/interrupts

dependabot/npm_and_yarn/vue-loader-17.4.2

ci/build-ios

enh/manifest-v3

release/4.19.0

fix/codeql

fix/google-drive-ios

all-contributors/add-dmotte

fix/unidirectional-sync

fix/interrupts

all-contributors/add-pinpontitit

all-contributors/add-dsiminiuk

test/old-apis

test/interrupts-on-nextcloud-bookmarks

feature/no-hashing-in-diff

feature/improve-diff-performance

capacitor

enh/rename-nextcloud-folders

fix/complex-hierarchy-reversal-2

tests/coverage

feature/google-drive

dependabot/npm_and_yarn/eslint-plugin-vue-7.6.0

fix/crypto

dependabot/npm_and_yarn/sass-1.32.7

dependabot/npm_and_yarn/css-loader-5.0.2

dependabot/npm_and_yarn/webpack-cli-4.5.0

fix/performance-hash-caching

dependabot/npm_and_yarn/eslint-plugin-standard-5.0.0

dependabot/npm_and_yarn/sass-loader-10.1.1

dependabot/npm_and_yarn/eslint-import-resolver-webpack-0.13.0

dependabot/npm_and_yarn/webpack-merge-5.7.3

dependabot/npm_and_yarn/p-queue-6.6.2

dependabot/npm_and_yarn/throttle-debounce-3.0.1

fix/lww-move-test

fix/overwrite-strategy

fix/root-folder-sync

enh/local-hash-cash

test/ci

ui/vue

cookie-hack

fix/travis

rollup

refactor/ui

webdav

refactor/modularize

v5.9.1

v5.9.0

v5.8.6

v5.8.5

v5.8.4

v5.8.3

v5.8.2

v5.8.1

v5.8.0

v5.7.0

v5.6.0

v5.5.6

v5.5.5

v5.5.4

v5.5.3

v5.5.2

v5.5.1

v5.5.0

v5.4.5

v5.4.4

v5.4.3

v5.4.2

v5.4.2-alpha.1

v5.4.1

v5.4.0

v5.3.4

v5.3.3

v5.3.1

v5.3.0

v5.3.0-beta.1

v5.2.7

v5.2.6

v5.2.5

v5.2.4

v5.2.3

v5.2.2

v5.2.1

v5.2.0

v5.2.0-beta.3

v5.2.0-beta.2

v5.2.0-beta.1

v5.1.7

v5.1.6

v5.1.5

v5.1.4

v5.1.3

5.1.3-beta.1

v5.1.2

v5.1.1

v5.1.0

v5.0.12

v5.0.12-beta.1

v5.0.11

v5.0.10

v5.0.9

v5.0.8

v5.0.7

v5.0.6

v5.0.5

v5.0.4

v5.0.3

v5.0.2

v5.0.1

v5.0.0

v4.19.1

v4.19.0

v4.18.1

v4.18.0

v4.17.1

v4.17.0

v4.16.0

v4.15.0

v4.14.0

v4.13.1

v4.13.0

v4.12.0

v4.11.0

v4.11.0-alpha.0

v4.10.1

v4.10.0

v4.9.0

v4.8.7

v4.8.6

v4.8.4

v4.8.3

v4.8.2

v4.8.1

v4.8.0

v4.7.0

v4.6.4

v4.6.3

v4.6.2

v4.6.1

v4.6.0

v4.5.0

v4.4.10

v4.4.9

v4.4.8

v4.4.7

v4.4.6

v4.4.5

v4.4.4

v4.4.3

v4.4.2

v4.4.1

v4.4.0

v4.4.0-rc1

v4.3.0

v4.2.6

v4.2.5

v4.2.4

v4.2.3

v4.2.2

v4.2.1

v4.2.0

v4.2.0-beta.4

v4.2.0-beta.3

v4.2.0-beta.2

v4.2.0-beta.1

v4.1.0

v4.0.4

v4.0.3

v4.0.2

v4.0.1

v4.0.0

v4

v4.0.0-alpha.3

v4.0.0-alpha.2

v4.0.0-alpha.1

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.2

v3.4.1

v3.4.0

v3.4.0-beta.3

v3.4.0-beta.2

v3.4.0-beta.1

v3.3.2

v3.3.1

v3.3.0

v3.3.0-beta.5

v3.3.0-beta.4

v3.3.0-beta.3

v3.3.0-beta.2

v3.3.0-beta.1

v3.2.16

v3.2.15

v3.2.14

v3.2.13

v3.2.12

v3.2.11

v3.2.10

v3.2.9

v3.2.8

v3.2.7

v3.2.6

v3.2.5

v3.2.4

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.15

v3.1.14

v3.1.13

v3.1.12

v3.1.11

v3.1.10

v3.1.9

v3.1.8

v3.1.7

v3.1.6

v3.1.5

v3.1.4

v3.1.3

v3.1.2

v3.1.1

v3.1.0

v3.0.10

v3.0.9

v3.0.8

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v3.0.0-beta.9

v3.0.0-beta.8

v3.0.0-beta.7

v2.2.9

v3.0.0-beta.6

v3.0.0-beta.5

v3.0.0-beta.4

v3.0.0-beta.3

v3.0.0-beta.2

v3.0.0-beta-1

v3.0.0-alpha-1

v2.2.8

v2.2.7

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.0

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v2.0.0-beta.2

v1.3.4

v2.0.0-beta.1

v1.3.3

v1.3.2

v1.3.1

v1.3.0

v1.3.0-beta.5

v1.3.0-beta.4

v1.3.0-beta.3

v1.3.0-beta.2

v1.3.0-beta1

v1.2.0

v1.1.2

v1.1.1

v1.1.0

v1.0.1

v1.0.0

Labels

Clear labels   

browser-specific

  

bug

  

correctness issues

  

enhancement

  

feature: Google Drive

  

feature: Linkwarden

  

feature: git

  

feature: nextcloud-bookmarks

  

feature: tabs

  

feature: webdav

  

help wanted

  

native-app

  

priority: high

  

priority: low

  

priority: medium

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question

  

stale

  

upstream

  

waiting for more information

  

wontfix

  

🙁 Not following issue template

No labels

browser-specific

bug

correctness issues

enhancement

feature: Google Drive

feature: Linkwarden

feature: git

feature: nextcloud-bookmarks

feature: tabs

feature: webdav

help wanted

native-app

priority: high

priority: low

priority: medium

pull-request

question

question

stale

upstream

waiting for more information

wontfix

🙁 Not following issue template

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/floccus#59

No description provided.