[GH-ISSUE #947] Issues with BlueCoat proxy #616

New issue

Closed

opened 2026-02-25 22:37:38 +03:00 by kerem · 20 comments

kerem commented 2026-02-25 22:37:38 +03:00

Owner

Copy link

Originally created by @trupf on GitHub (Aug 26, 2021).
Original GitHub issue: https://github.com/floccusaddon/floccus/issues/947

Describe the bug

A clear and concise description of what the bug is.

To Reproduce

Steps to reproduce the behavior:

1. Use Firefox Browser mit proxy setting (proxy requires authentication)
2. setup sync with nextcloud account, (using login with nextcloud)
3. Login and setup is working
4. sync doesn't work with error E018

Expected behavior

After a successfull connection setup the sync should also work

Screenshots

Desktop

(please complete the following information)

• OS: Windows 10
• Browser Firefox
• Browser Version 91.0.2
• Floccus version: 4.7.0
• Floccus sync method: nextcloud

Server

(please complete the following information)

• OS: Debian Buster
• Nextcloud version: 21.0.4
• Bookmarks app version: 4.4.1

Note: Please write down the actual version numbers instead of writing 'latest'.

Debug log

2021-08-26T06:40:01.836Z Starting sync process for account ******
2021-08-26T06:40:01.854Z Using "merge default" strategy (no cache available)
2021-08-26T06:40:02.543Z Fetching bookmarks
2021-08-26T06:40:03.161Z Syncing failed with E018: Konnte nicht am Server authentifiziert werden.

Additional context

The sync is not working from my company laptop+network which requires a proxy with authentication for web access. It works though form my private laptop/network where I don't need a proxy. So I guess it has something to do with proxy settings. Firefox itself does work with the proxy. I have the same problem with Chrome - doesn't work from company laptop/network.

Originally created by @trupf on GitHub (Aug 26, 2021). Original GitHub issue: https://github.com/floccusaddon/floccus/issues/947 ### Describe the bug A clear and concise description of what the bug is. ### To Reproduce Steps to reproduce the behavior: 1. Use Firefox Browser mit proxy setting (proxy requires authentication) 2. setup sync with nextcloud account, (using login with nextcloud) 3. Login and setup is working 4. sync doesn't work with error E018 5. ### Expected behavior After a successfull connection setup the sync should also work ### Screenshots ### Desktop (please complete the following information) - OS: Windows 10 - Browser Firefox - Browser Version 91.0.2 - Floccus version: 4.7.0 - Floccus sync method: nextcloud ### Server (please complete the following information) - OS: Debian Buster - Nextcloud version: 21.0.4 - Bookmarks app version: 4.4.1 Note: Please write down the actual version numbers instead of writing 'latest'. ### Debug log 2021-08-26T06:40:01.836Z Starting sync process for account ****** 2021-08-26T06:40:01.854Z Using "merge default" strategy (no cache available) 2021-08-26T06:40:02.543Z Fetching bookmarks 2021-08-26T06:40:03.161Z Syncing failed with E018: Konnte nicht am Server authentifiziert werden. ### Additional context The sync is not working from my company laptop+network which requires a proxy with authentication for web access. It works though form my private laptop/network where I don't need a proxy. So I guess it has something to do with proxy settings. Firefox itself does work with the proxy. I have the same problem with Chrome - doesn't work from company laptop/network.

kerem 2026-02-25 22:37:38 +03:00

• closed this issue
• added the
  bug
  label

kerem commented 2026-02-25 22:37:38 +03:00

Author

Owner

Copy link

@MicMun commented on GitHub (Sep 12, 2021):

I have the same problem, but I don't believe that this can be fixed by Floccus.
Our proxy (Blue Coat, now Broadcom ...) deletes the Authentication header and that is the cause of the error.
I guess, your proxy do the same.

<!-- gh-comment-id:917673834 --> @MicMun commented on GitHub (Sep 12, 2021): I have the same problem, but I don't believe that this can be fixed by Floccus. Our proxy (Blue Coat, now Broadcom ...) deletes the Authentication header and that is the cause of the error. I guess, your proxy do the same.

kerem commented 2026-02-25 22:37:38 +03:00

Author

Owner

Copy link

@trupf commented on GitHub (Sep 13, 2021):

I don't know what the proxy does and if it deletes the header (and also don't know how to debug). But I can login to Nextcloud via the web page with Chrome or Firefox and the nextcloud sync agent does also work. The sign in for account setup in floccus does also work but the actual sync doesn't.

<!-- gh-comment-id:918371763 --> @trupf commented on GitHub (Sep 13, 2021): I don't know what the proxy does and if it deletes the header (and also don't know how to debug). But I can login to Nextcloud via the web page with Chrome or Firefox and the nextcloud sync agent does also work. The sign in for account setup in floccus does also work but the actual sync doesn't.

kerem commented 2026-02-25 22:37:38 +03:00

Author

Owner

Copy link

@mnalis commented on GitHub (Sep 13, 2021):

@trupf can you see what nextcloud logs on the server (eg. /var/lib/nextcloud/data/nextcloud.log or wherever it is on your server) say for that same timestamps when login fails?

<!-- gh-comment-id:918541366 --> @mnalis commented on GitHub (Sep 13, 2021): @trupf can you see what nextcloud logs on the server (eg. ` /var/lib/nextcloud/data/nextcloud.log` or wherever it is on your server) say for that same timestamps when login fails?

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@trupf commented on GitHub (Sep 17, 2021):

I can see the nextcloud logs, but nothing is logged there. But I can also see sslh logs from the server and see that a connection attempt was made, Nginx is configured to not log every access attempt so I think it is really the problem as described by MicMun, that the nextcloud auth header is missing due to the proxy, although I don't understand than how it can work with the nextcloud sync client. Is there a way to authenticate a client without that header?

<!-- gh-comment-id:921530123 --> @trupf commented on GitHub (Sep 17, 2021): I can see the nextcloud logs, but nothing is logged there. But I can also see sslh logs from the server and see that a connection attempt was made, Nginx is configured to not log every access attempt so I think it is really the problem as described by MicMun, that the nextcloud auth header is missing due to the proxy, although I don't understand than how it can work with the nextcloud sync client. Is there a way to authenticate a client without that header?

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@mnalis commented on GitHub (Sep 17, 2021):

@trupf I'm not that familiar with the floccus code, but it looks like src/lib/adapters/NextcloudBookmarks.ts uses HTTP Basic auth. It would be great if you could:

• enable nginx logs for short time, in order to capture logs when floccus tries to connect. That should provide more information
• provide some info on the kind of proxy you're using (not the hostname / personal details of course, but is it HTTP/HTTPS proxy, or SOCKS v4/v5, or perhaps if you know who is manufacturer of proxy software etc). For firefox some info should be found here
• is your nextcloud instance HTTP or HTTPS ? Having it on HTTPS might avoid some transparent proxy issues (and you can get free HTTPS certificates via https://letsencrypt.org/)

Alternatively as a workaround, perhaps you can make exception for your nextcloud instance so it does not go via proxy (see No proxy for in firefox config docs above)? That would only work if it is manual/automatic proxy, not in case it is transparent proxy, though.

<!-- gh-comment-id:922059814 --> @mnalis commented on GitHub (Sep 17, 2021): @trupf I'm not that familiar with the floccus code, but it looks like `src/lib/adapters/NextcloudBookmarks.ts` uses [HTTP Basic auth](https://en.wikipedia.org/wiki/Basic_access_authentication). It would be great if you could: - enable nginx logs for short time, in order to capture logs when floccus tries to connect. That should provide more information - provide some info on the kind of proxy you're using (not the hostname / personal details of course, but is it HTTP/HTTPS proxy, or SOCKS v4/v5, or perhaps if you know who is manufacturer of proxy software etc). For firefox some info should be found [here](https://support.mozilla.org/en-US/kb/connection-settings-firefox) - is your nextcloud instance HTTP or HTTPS ? Having it on HTTPS might avoid some transparent proxy issues (and you can get free HTTPS certificates via https://letsencrypt.org/) Alternatively as a workaround, perhaps you can make exception for your nextcloud instance so it does not go via proxy (see `No proxy for` in firefox config docs above)? That would only work if it is manual/automatic proxy, not in case it is transparent proxy, though.

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@trupf commented on GitHub (Sep 18, 2021):

• Nextcloud instance is https
• proxy is http/https. I can not bypass this proxy as I'm not the admin and I have no web access without it
• only the debug level of error log provides some info

error_debug.log

<!-- gh-comment-id:922240492 --> @trupf commented on GitHub (Sep 18, 2021): - Nextcloud instance is https - proxy is http/https. I can not bypass this proxy as I'm not the admin and I have no web access without it - only the debug level of error log provides some info [error_debug.log](https://github.com/floccusaddon/floccus/files/7189542/error_debug.log)

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@mnalis commented on GitHub (Sep 18, 2021):

@trupf OK, I see that is also using Bluecoat proxy as @MicMun.

If BlueCoat removes the HTTP Basic auth headers as alleged (and your nginx error_debug.log indeed does not show Authorization header), it would explain why GET /owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=300 at line 397 fails with 401 Unauthorized at line 626.

But what is also interesting is that GET /owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash at line 30 fails with HTTP/1.1 400 Bad request at line 256 before that, which is not 401 Unauthorized.

Can you try to (after logging in to your nextcloud instance) open in your normal browser tabs:

• https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash
• https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=300

(where your_nextcloud.example.com is replaced with your instance FQDN)

and see if they show valid JSON, or return 400/401 error messages? Also share what a nginx.log looks like when you try to open those URLs from browser.

Also, could you try if (while using that proxy) you can connect to simple site using HTTP basic auth, like this one:

• https://authenticationtest.com/HTTPAuth/ (there should be a window popping up, asking for username/password which are User and Pass), and after that redirect to page saying if it was successful or not.

<!-- gh-comment-id:922374691 --> @mnalis commented on GitHub (Sep 18, 2021): @trupf OK, I see that is also using `Bluecoat` proxy as @MicMun. If BlueCoat removes the HTTP Basic auth headers as alleged (and your nginx `error_debug.log` indeed does not show `Authorization` header), it would explain why `GET /owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=300` at line `397` fails with `401 Unauthorized` at line `626`. But what is also interesting is that `GET /owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash` at line `30` fails with `HTTP/1.1 400 Bad request` at line `256` before that, which is **not** `401 Unauthorized`. Can you try to (after logging in to your nextcloud instance) open in your normal browser tabs: - `https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash` - `https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=300` (where `your_nextcloud.example.com` is replaced with your instance FQDN) and see if they show valid JSON, or return 400/401 error messages? Also share what a `nginx.log` looks like when you try to open those URLs from browser. Also, could you try if (while using that proxy) you can connect to simple site using [HTTP basic auth](https://en.wikipedia.org/wiki/Basic_access_authentication), like this one: - https://authenticationtest.com/HTTPAuth/ (there should be a window popping up, asking for username/password which are `User` and `Pass`), and after that redirect to page saying if it was successful or not.

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@trupf commented on GitHub (Sep 19, 2021):

I can not see any issues with both statements in the browser, they complete with no error and return valid json data.

The basic auth does also work. I have even another instance on my web-server where I'm actually using basic out with nginx and that works too.

error_1.log
error_2.log

<!-- gh-comment-id:922420609 --> @trupf commented on GitHub (Sep 19, 2021): I can not see any issues with both statements in the browser, they complete with no error and return valid json data. The basic auth does also work. I have even another instance on my web-server where I'm actually using basic out with nginx and that works too. [error_1.log](https://github.com/floccusaddon/floccus/files/7192608/error_1.log) [error_2.log](https://github.com/floccusaddon/floccus/files/7192609/error_2.log)

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@mnalis commented on GitHub (Sep 19, 2021):

Few observations, this seems to be the difference in headers sent to server when fetching /owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash

--- head_floccus.txt	2021-09-19 20:53:16.976555816 +0200
+++ head_browser.txt	2021-09-19 20:42:50.594542889 +0200
@@ -6,0 +7 @@
-http header: "Cache-Control: max-stale=0"
+http header: "Cache-Control: max-age=0"
+http header: "Upgrade-Insecure-Requests: 1"
-http header: "Accept: */*"
+http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
-http header: "Sec-Fetch-Mode: cors"
+http header: "Sec-Fetch-Mode: navigate"
-http header: "Sec-Fetch-Dest: empty"
+http header: "Sec-Fetch-Dest: document"
+http header: "Sec-Fetch-User: ?1"
+http header: "Cookie: nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true; nc_username=trupf; oc_sessionPassphrase=.....; oc85ae6e4789=l79941cr1es8f5v32h7t72u5il; nc_token=hdrk1SPSsXuodE%2BTwziX9C2Ap1CeKcgD; nc_session_id=l79941cr1es8f5v32h7t72u5il"

While any difference might cause suspect proxy to react differently, the most glaring difference is that headers sent by Floccus lack any Cookies, which seem to be already be used for authentication at this stage (your nginx debug logs do not mention http header: "Authorization: basic" anywhere).

So I would guess the problem occurs somewhere before error_debug.log that you've sent before, @trupf

Could you try:

1. exiting the web browser
2. starting debug log in nginx (or remembering its position if its already on)
3. starting the browser
4. attempting the sync
5. waiting for failure
6. sending debug log produced in time between step (2) and step (5).

That should capture the authentication attempt.

<!-- gh-comment-id:922528551 --> @mnalis commented on GitHub (Sep 19, 2021): Few observations, this seems to be the difference in headers sent to server when fetching `/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash` ```diff --- head_floccus.txt 2021-09-19 20:53:16.976555816 +0200 +++ head_browser.txt 2021-09-19 20:42:50.594542889 +0200 @@ -6,0 +7 @@ -http header: "Cache-Control: max-stale=0" +http header: "Cache-Control: max-age=0" +http header: "Upgrade-Insecure-Requests: 1" -http header: "Accept: */*" +http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9" -http header: "Sec-Fetch-Mode: cors" +http header: "Sec-Fetch-Mode: navigate" -http header: "Sec-Fetch-Dest: empty" +http header: "Sec-Fetch-Dest: document" +http header: "Sec-Fetch-User: ?1" +http header: "Cookie: nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true; nc_username=trupf; oc_sessionPassphrase=.....; oc85ae6e4789=l79941cr1es8f5v32h7t72u5il; nc_token=hdrk1SPSsXuodE%2BTwziX9C2Ap1CeKcgD; nc_session_id=l79941cr1es8f5v32h7t72u5il" ``` While any difference might cause suspect proxy to react differently, the most glaring difference is that headers sent by Floccus lack any Cookies, which seem to be already be used for authentication at this stage (your nginx debug logs do not mention `http header: "Authorization: basic"` anywhere). So I would guess the problem occurs somewhere **before** `error_debug.log` that you've sent before, @trupf Could you try: 1. exiting the web browser 2. starting debug log in nginx (or remembering its position if its already on) 3. starting the browser 4. attempting the sync 5. waiting for failure 6. sending debug log produced in time between step (2) and step (5). That should capture the authentication attempt.

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@trupf commented on GitHub (Sep 20, 2021):

Above you wrote "after logging in to your nextcloud instance" so it is clear authentication is already done. Anyway as long as I don't explicitly log off or delete cookies I don't need new log in to nextcloud, even if I restarted my computer or started a new browser session. So authentication is probably done with cookies and only if no valid cookie found with a new login. I can follow your procedure above but you will find multiple connections than, as it will take longer an I cannot filter for just floccus. Just to make you aware I don't fill in the password field in floccus. Instead I'm using the button right at the end of the user name field to sign in with the browser (which is working, but the sync afterwards doesn't). This way I would expect floccus to create a cookie for authentication and use it (same way as the nextcloud sync client does). This way floccus does work on my home computer (without company proxy). I also tried to use a separate app password for floccus (as I have 2 factor auth enabled) but this doesn't work either.

<!-- gh-comment-id:922919056 --> @trupf commented on GitHub (Sep 20, 2021): Above you wrote "after logging in to your nextcloud instance" so it is clear authentication is already done. Anyway as long as I don't explicitly log off or delete cookies I don't need new log in to nextcloud, even if I restarted my computer or started a new browser session. So authentication is probably done with cookies and only if no valid cookie found with a new login. I can follow your procedure above but you will find multiple connections than, as it will take longer an I cannot filter for just floccus. Just to make you aware I don't fill in the password field in floccus. Instead I'm using the button right at the end of the user name field to sign in with the browser (which is working, but the sync afterwards doesn't). This way I would expect floccus to create a cookie for authentication and use it (same way as the nextcloud sync client does). This way floccus does work on my home computer (without company proxy). I also tried to use a separate app password for floccus (as I have 2 factor auth enabled) but this doesn't work either.

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@marcelklehr commented on GitHub (Sep 20, 2021):

Instead I'm using the button right at the end of the user name field to sign in with the browser (which is working, but the sync afterwards doesn't). This way I would expect floccus to create a cookie for authentication and use it (same way as the nextcloud sync client does)

Fyi, using the nextcloud login flow produces an app password which is sent via the Basic Auth header just like a normal password.

To test the authentication I recommend using curl as follows:

curl -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash

<!-- gh-comment-id:922926583 --> @marcelklehr commented on GitHub (Sep 20, 2021): > Instead I'm using the button right at the end of the user name field to sign in with the browser (which is working, but the sync afterwards doesn't). This way I would expect floccus to create a cookie for authentication and use it (same way as the nextcloud sync client does) Fyi, using the nextcloud login flow produces an app password which is sent via the Basic Auth header just like a normal password. To test the authentication I recommend using curl as follows: ```sh curl -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash ```

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@trupf commented on GitHub (Sep 20, 2021):

here is the requested debug log. This time i have not deleted previous (as I think unrelated) requests.

error_debug3.log

I can not use curl on my company laptop (and if I would need a way to use the proxy). But with my private and without the proxy the request ist working.

<!-- gh-comment-id:922938508 --> @trupf commented on GitHub (Sep 20, 2021): here is the requested debug log. This time i have not deleted previous (as I think unrelated) requests. [error_debug3.log](https://github.com/floccusaddon/floccus/files/7196072/error_debug3.log) I can not use curl on my company laptop (and if I would need a way to use the proxy). But with my private and without the proxy the request ist working.

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@mnalis commented on GitHub (Sep 21, 2021):

Above you wrote "after logging in to your nextcloud instance" so it is clear authentication is already done.

Yes I did, for the 2 URLs you manually entered in web browser. What I'm trying to find out here is how floccus internal method (which doesn't work for you) differs from the way normal browser tabs works. If they worked in exactly the same way, they would both work (or both fail). The interesting part is that one method (web login in normal browsing tab, which produces cookie) works, while the other (floccus addon auth) fails.

Request generated by floccus in my case (with separate app password) looks like:

Request received from client: GET /owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash HTTP/1.1
 Headers received from client:
   Host: my.nextcloud.example.com
   User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
   Accept: */*
   Accept-Language: en-US,en;q=0.7,hr;q=0.3
   Accept-Encoding: gzip, deflate, br
   Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
   DNT: 1
   Connection: keep-alive

So in my case Floccus uses HTTP basic auth on each request, instead of "form login submit sets cookie" like web-browser login on nextcloud does. Since you say you were able to login on https://authenticationtest.com/HTTPAuth/ which also use same HTTP basic authentication method, floccus HTTP basic auth should work too.

If it doesn't, and BlueCoat strips authentication header before it reaches your nextcloud instance, but does not strip it for https://authenticationtest.com/HTTPAuth/, there must be a reason, and that reason is determined by request that is sent to proxy server. If requests were exactly the same, the result must be exactly the same too. But they never are completely the same, so BlueCoat might strip authentication header (if it really does that) depending on whether:

• it doesn't like some header the floccus sends (maybe Accept: */* or DNT: 1 ?) - which might be helped by new floccus version, if we find out exactly what it doesn't like (having curl would be very helpful here)
• it has some sites blacklisted by name (for example, if it contains nextcloud in the name), in which case you can workaround that by changing (or adding alias) FQDN for your site name
• it has same sites blacklisted by IP (errr, move the site to different hosting?)
• it only whitelists some sites by IP or FQDN (no workaround except asking for your site to be added as exception)
• it doesn't like something about HTTPS certificate or something (expired? self-signed? CA untrusted by BlueCoat? maybe could try different certificate or plain HTTP. curl would also help here)
• it doesn't like some path part of the URL (for example, strips authentication header if there is public in path name, or /-1/ or something - not much help here without kludging both floccus and nextcloud code if that is the case!). Not very likely to be the issue, though.

Or in all cases, you can try contacting your proxy administrator, and see if the restrictions can be changed/lifted, of course.
Knowing what exactly is the problem would likely help with that too (if it is an option at all, of course).

Just to make you aware I don't fill in the password field in floccus. Instead I'm using the button right at the end of the user name field to sign in with the browser (which is working, but the sync afterwards doesn't). This way I would expect floccus to create a cookie for authentication and use it (same way as the nextcloud sync client does). This way floccus does work on my home computer (without company proxy). I also tried to use a separate app password for floccus (as I have 2 factor auth enabled) but this doesn't work either.

Ah, I'm not sure how that way works; but is possibly harder to debug if it works differently. Could you try removing that floccus account on your company laptop, and setup a new account with separate app password for floccus, and send me that 6-step logs for that? Mixed requests should not be a huge problem, as all that pass through your company proxy seem to have X-BlueCoat-Via header.

Also, when you say you can't use curl, is it because you can't download/run an executable from https://curl.se/windows/ ? Or simply because you must use company proxy to access the web? Because curl has --proxy https://your.proxy.server.example.com:port option which should work with your company proxy.
If you can download and run curl, it would greatly simplify the debug process.

<!-- gh-comment-id:923499610 --> @mnalis commented on GitHub (Sep 21, 2021): > Above you wrote "after logging in to your nextcloud instance" so it is clear authentication is already done. Yes I did, _for the 2 URLs you manually entered in web browser_. What I'm trying to find out here is how floccus internal method (which doesn't work for you) differs from the way normal browser tabs works. If they worked in exactly the same way, they would both work (or both fail). The interesting part is that one method (web login in normal browsing tab, which produces cookie) works, while the other (floccus addon auth) fails. Request generated by floccus in my case (with separate app password) looks like: ``` Request received from client: GET /owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash HTTP/1.1 Headers received from client: Host: my.nextcloud.example.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0 Accept: */* Accept-Language: en-US,en;q=0.7,hr;q=0.3 Accept-Encoding: gzip, deflate, br Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx DNT: 1 Connection: keep-alive ``` So in my case Floccus uses HTTP basic auth on each request, instead of "form login submit sets cookie" like web-browser login on nextcloud does. Since you say you were able to login on https://authenticationtest.com/HTTPAuth/ which also use same HTTP basic authentication method, floccus HTTP basic auth **should** work too. If it doesn't, and BlueCoat strips authentication header before it reaches your nextcloud instance, but does not strip it for https://authenticationtest.com/HTTPAuth/, there must be a reason, and that reason is determined by request that is sent to proxy server. If requests were **exactly the same**, the result must be exactly the same too. But they never are **completely** the same, so BlueCoat might strip authentication header (if it really does that) depending on whether: - it doesn't like some header the floccus sends (maybe `Accept: */*` or `DNT: 1` ?) - which might be helped by new floccus version, if we find out exactly what it doesn't like (having `curl` would be very helpful here) - it has some sites blacklisted by name (for example, if it contains `nextcloud` in the name), in which case you can workaround that by changing (or adding alias) FQDN for your site name - it has same sites blacklisted by IP (errr, move the site to different hosting?) - it only whitelists some sites by IP or FQDN (no workaround except asking for your site to be added as exception) - it doesn't like something about HTTPS certificate or something (expired? self-signed? CA untrusted by BlueCoat? maybe could try different certificate or plain HTTP. `curl` would also help here) - it doesn't like some path part of the URL (for example, strips authentication header if there is `public` in path name, or `/-1/` or something - not much help here without kludging both floccus and nextcloud code if that is the case!). Not very likely to be the issue, though. Or in all cases, you can try contacting your proxy administrator, and see if the restrictions can be changed/lifted, of course. Knowing what exactly is the problem would likely help with that too (if it is an option at all, of course). > Just to make you aware I don't fill in the password field in floccus. Instead I'm using the button right at the end of the user name field to sign in with the browser (which is working, but the sync afterwards doesn't). This way I would expect floccus to create a cookie for authentication and use it (same way as the nextcloud sync client does). This way floccus does work on my home computer (without company proxy). I also tried to use a separate app password for floccus (as I have 2 factor auth enabled) but this doesn't work either. Ah, I'm not sure how that way works; but is possibly harder to debug if it works differently. Could you try removing that floccus account on your company laptop, and setup a new account with separate app password for floccus, and send me that [6-step logs](https://github.com/floccusaddon/floccus/issues/947#issuecomment-922528551) for that? Mixed requests should not be a huge problem, as all that pass through your company proxy seem to have `X-BlueCoat-Via` header. Also, when you say you can't use `curl`, is it because you can't download/run an executable from https://curl.se/windows/ ? Or simply because you must use company proxy to access the web? Because curl has `--proxy https://your.proxy.server.example.com:port` option which should work with your company proxy. If you can download and run `curl`, it would **greatly** simplify the debug process.

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@mnalis commented on GitHub (Sep 21, 2021):

@trupf if you can install curl, the output of the following would be useful:

curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash
curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv -H "DNT: 1" -H "Accept: */*" https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash
curl --proxy https://your.proxy.server.example.com:port -vvv -u User:Pass https://authenticationtest.com/HTTPAuth/
curl --proxy https://your.proxy.server.example.com:port -vvv -H "DNT: 1" -H "Accept: */*" -u User:Pass https://authenticationtest.com/HTTPAuth/

It would hopefully show if any of the extra headers have effect on proxy, and are there certificate differences that might be problematic. Depending on the results, I can setup (if needed) few URLs that would test if it is path values that are problematic instead.

<!-- gh-comment-id:923525106 --> @mnalis commented on GitHub (Sep 21, 2021): @trupf if you can install `curl`, the output of the following would be useful: ``` curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv -H "DNT: 1" -H "Accept: */*" https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash curl --proxy https://your.proxy.server.example.com:port -vvv -u User:Pass https://authenticationtest.com/HTTPAuth/ curl --proxy https://your.proxy.server.example.com:port -vvv -H "DNT: 1" -H "Accept: */*" -u User:Pass https://authenticationtest.com/HTTPAuth/ ``` It would hopefully show if any of the extra headers have effect on proxy, and are there certificate differences that might be problematic. Depending on the results, I can setup (if needed) few URLs that would test if it is path values that are problematic instead.

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@MicMun commented on GitHub (Sep 21, 2021):

https://authenticationtest.com/HTTPAuth/ is blocked at my company, but it is interesting that folder and bookmark is acting different.

1. curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash
   HTTP/1.1 400 Bad request
   {"status":"error","data":"Could not find folder"}

2. curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=300
   HTTP/1.1 401 Unauthorized
   {"status":"error","data":"Unauthorized"}

The request is identical: Authorization, User-Agent and "Accept: */*" is send to nextcloud. The DNT header makes no difference in output (I tried with and without DNT).

The main differences in the response I can see:
1.: Cache-Control: no-cache, no-store, must-revalidate
2.: Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Only in 2.:
Authentication problem. Ignoring this.
WWW-Authenticate: Basic realm="Nextcloud", charset="UTF-8"
Set-Cookie: BCSI-CS-4935385577b06649=1; Path=/
Proxy-support: Session-based-authentication

The whole output has too much critical infos, so I cannot provide this to you. But perhaps the diff helps.
The first request .../folder/-1/hash returns the same message in browser before login, after login to nextcloud the request returns valid data without error.

I'm really surprised, that the requests differs in the result. I thought, the proxy does always the same thing and the problem must also be always the same.

<!-- gh-comment-id:923699657 --> @MicMun commented on GitHub (Sep 21, 2021): https://authenticationtest.com/HTTPAuth/ is blocked at my company, but it is interesting that folder and bookmark is acting different. 1. curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash HTTP/1.1 400 Bad request {"status":"error","data":"Could not find folder"} 2. curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=300 HTTP/1.1 401 Unauthorized {"status":"error","data":"Unauthorized"} The request is identical: Authorization, User-Agent and "Accept: \*/\*" is send to nextcloud. The DNT header makes no difference in output (I tried with and without DNT). The main differences in the response I can see: 1.: Cache-Control: no-cache, no-store, must-revalidate 2.: Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate Only in 2.: Authentication problem. Ignoring this. WWW-Authenticate: Basic realm="Nextcloud", charset="UTF-8" Set-Cookie: BCSI-CS-4935385577b06649=1; Path=/ Proxy-support: Session-based-authentication The whole output has too much critical infos, so I cannot provide this to you. But perhaps the diff helps. The first request .../folder/-1/hash returns the same message in browser before login, after login to nextcloud the request returns valid data without error. I'm really surprised, that the requests differs in the result. I thought, the proxy does always the same thing and the problem must also be always the same.

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@trupf commented on GitHub (Sep 21, 2021):

to answer some of your questions:

• I have no "nextcloud" term in my FQDN, even if, it would be filtered and should also be filtered from the web browser connection
• same applies for IP filter
• I've tried to use curl, but I don't get proxy auth to work with curl, not even with curl -x "http://user:pass@proxy:port" I always get error 407
• I use nextcloud with a letsencrypt cert (not a self signed one)

<!-- gh-comment-id:923729929 --> @trupf commented on GitHub (Sep 21, 2021): to answer some of your questions: - I have no "nextcloud" term in my FQDN, even if, it would be filtered and should also be filtered from the web browser connection - same applies for IP filter - I've tried to use curl, but I don't get proxy auth to work with curl, not even with curl -x "http://user:pass@proxy:port" I always get error 407 - I use nextcloud with a letsencrypt cert (not a self signed one)

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@trupf commented on GitHub (Sep 21, 2021):

What I also can confirm now is, that the Authentication: Basic header is received from my home computer (without BlueCoat proxy) but not from company. I can not tell if it is sent at all. But for another site on the same server requiring Basic auth this header is sent via BlueCoat and received. I found also, that in this case a first attempt is made without the header, server returns error 401, following second request includes the header. I have not seen this second request in the floccus debug logs.
Could it be BlueCoat is only filtering unrequested authentication credentials?

<!-- gh-comment-id:923860033 --> @trupf commented on GitHub (Sep 21, 2021): What I also can confirm now is, that the Authentication: Basic header is received from my home computer (without BlueCoat proxy) but not from company. I can not tell if it is sent at all. But for another site on the same server requiring Basic auth this header is sent via BlueCoat and received. I found also, that in this case a first attempt is made without the header, server returns error 401, following second request includes the header. I have not seen this second request in the floccus debug logs. Could it be BlueCoat is only filtering unrequested authentication credentials?

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@mnalis commented on GitHub (Sep 21, 2021):

https://authenticationtest.com/HTTPAuth/ is blocked at my company, but it is interesting that folder and bookmark is acting different.

thanks @MicMun, can you also show what HTTP response does the proxy send when trying to access https://authenticationtest.com/HTTPAuth/ when it is blocked? Also, does the proxy in your case work with any site using HTTP basic auth?

1. curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash
   HTTP/1.1 400 Bad request
   {"status":"error","data":"Could not find folder"}

2. curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=300
   HTTP/1.1 401 Unauthorized
   {"status":"error","data":"Unauthorized"}

I've checked with my non-proxied nextcloud, and that behavior (sending 400 Bad request for 1st URL if no auth header is sent) seems to be the way nextcloud bookmarks behaves, so it seems not to be related to our proxy problem. But I do agree it would likely be more correct if it sent 401 Unauthorized instead, as the 2nd URL does.

The request is identical: Authorization, User-Agent and "Accept: /" is send to nextcloud. The DNT header makes no difference in output (I tried with and without DNT).

Could you try those connections with overridden Accept headers, like this:

• by adding -H "Accept:" to the curl line (that would delete default Accept header)
• by adding -H "Accept: application/json" to the curl line (that would replace default Accept header with different one).

I understand that the data can be sensitive. I would however like to get all headers that are sent (lines begining with >, like 4 lines in example below) and at least the HTTP response (first line beginning with <, like < HTTP/1.1 200 OK in example below). Please do redact the two lines containing sensitive data (text after Authorization: Basic and hostname after Host:), but do leave the lines themselves in the output, like the following:

> GET /owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash HTTP/1.1
> Host: my.nextcloud.example.com
> Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> User-Agent: curl/7.74.0
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK

(lines above starting with * mentioning TLS/SSL are also not important at this time, I've left them so you can more easily find the output I want).

The first request .../folder/-1/hash returns the same message in browser before login, after login to nextcloud the request returns valid data without error.

Thanks, that is consistent behavior with my test results when not using the proxy at all.

I'm really surprised, that the requests differs in the result. I thought, the proxy does always the same thing and the problem must also be always the same.

In this case it is nextcloud (bookmarks) which behaves differently, but proxy might well be doing it's own similar thing.

<!-- gh-comment-id:923921916 --> @mnalis commented on GitHub (Sep 21, 2021): > https://authenticationtest.com/HTTPAuth/ is blocked at my company, but it is interesting that folder and bookmark is acting different. thanks @MicMun, can you also show what HTTP response does the proxy send when trying to access https://authenticationtest.com/HTTPAuth/ when it is blocked? Also, does the proxy in your case work with **any** site using HTTP basic auth? > 1. curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash > HTTP/1.1 400 Bad request > {"status":"error","data":"Could not find folder"} > > 2. curl --proxy https://your.proxy.server.example.com:port -u "username:apppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=300 > HTTP/1.1 401 Unauthorized > {"status":"error","data":"Unauthorized"} I've checked with my non-proxied nextcloud, and that behavior (sending `400 Bad request` for 1st URL if no auth header is sent) seems to be the way nextcloud bookmarks behaves, so it seems not to be related to our proxy problem. But I do agree it would likely be more correct if it sent `401 Unauthorized` instead, as the 2nd URL does. > The request is identical: Authorization, User-Agent and "Accept: */*" is send to nextcloud. The DNT header makes no difference in output (I tried with and without DNT). Could you try those connections with overridden `Accept` headers, like this: - by adding `-H "Accept:"` to the `curl` line (that would delete default `Accept` header) - by adding `-H "Accept: application/json"` to the `curl` line (that would replace default `Accept` header with different one). I understand that the data can be sensitive. I would however like to get all headers that are sent (lines begining with `>`, like 4 lines in example below) and at least the HTTP response (first line beginning with `<`, like `< HTTP/1.1 200 OK` in example below). Please do **redact the two lines containing sensitive data** (text after `Authorization: Basic` and hostname after `Host:`), but do leave the lines themselves in the output, like the following: ``` > GET /owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash HTTP/1.1 > Host: my.nextcloud.example.com > Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > User-Agent: curl/7.74.0 > * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): * old SSL session ID is stale, removing * Mark bundle as not supporting multiuse < HTTP/1.1 200 OK ``` (lines above starting with `*` mentioning TLS/SSL are also not important at this time, I've left them so you can more easily find the output I want). > The first request .../folder/-1/hash returns the same message in browser before login, after login to nextcloud the request returns valid data without error. Thanks, that is consistent behavior with my test results when not using the proxy at all. > I'm really surprised, that the requests differs in the result. I thought, the proxy does always the same thing and the problem must also be always the same. In this case it is nextcloud (bookmarks) which behaves differently, but proxy might well be doing it's own similar thing.

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@mnalis commented on GitHub (Sep 21, 2021):

@trupf

I've tried to use curl, but I don't get proxy auth to work with curl, not even with curl -x "http://user:pass@proxy:port" I always get error 407

I don't think curl accepts that syntax user:pass@proxy; you need to use separate --proxy-user if your proxy requires authentication. eg.

curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -u "nextcloudusername:nextcloudapppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash

What I also can confirm now is, that the Authentication: Basic header is received from my home computer (without BlueCoat proxy) but not from company. I can not tell if it is sent at all.

That is where curl will help, it would show what exactly it is sending (and then, if needed, we can compare that against your nginx log to see what exactly is being received, to determine what exactly the proxy has changed/deleted).

But for another site on the same server requiring Basic auth this header is sent via BlueCoat and received. I found also, that in this case a first attempt is made without the header, server returns error 401, following second request includes the header. I have not seen this second request in the floccus debug logs.

Here are few revised curl calls to try. Please do execute them exactly in the order shown (some are repeated):

curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -u nextcloudusername:nextcloudapppassword -vvv -H "Accept: application/json" https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash

curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -u nextcloudusername:nextcloudapppassword -vvv -H "DNT: 1" -H "Accept: */*" https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash

curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -vvv -u User:Pass https://authenticationtest.com/HTTPAuth/

Of course, replace your.proxy.server.example.com:port and yourproxyuser:yourproxypassword with your proxy information, as well as nextcloudusername:nextcloudapppassword with you nextclound username / app password.

Could it be BlueCoat is only filtering unrequested authentication credentials?

That is quite possible indeed! In fact, it could even kind-of make sense that it does that to try to prevent a certain type of CSRF attacks.

If you could use curl in previous 3 command, try this (note: only try it if you could get curl to work from previous 3 commands, and only try it once and in exact order as shown - some are duplicates and some without username/pass for a reason). Also save full output locally even if you send here just redacted information as I suggested to @MicMun, as I might have few followup questions on them:

curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -u nextcloudusername:nextcloudapppassword -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=3

curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=3

curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -u nextcloudusername:nextcloudapppassword -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=3

<!-- gh-comment-id:923994363 --> @mnalis commented on GitHub (Sep 21, 2021): @trupf > I've tried to use curl, but I don't get proxy auth to work with curl, not even with curl -x "http://user:pass@proxy:port" I always get error 407 I don't think `curl` accepts that [syntax](https://curl.se/docs/manpage.html) `user:pass@proxy`; you need to use separate `--proxy-user` if your proxy requires authentication. eg. ``` curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -u "nextcloudusername:nextcloudapppassword" -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash ``` > What I also can confirm now is, that the Authentication: Basic header is received from my home computer (without BlueCoat proxy) but not from company. I can not tell if it is sent at all. That is where `curl` will help, it would show what exactly it is sending (and then, if needed, we can compare that against your nginx log to see what exactly is being received, to determine what exactly the proxy has changed/deleted). > But for another site on the same server requiring Basic auth this header is sent via BlueCoat and received. I found also, that in this case a first attempt is made without the header, server returns error 401, following second request includes the header. I have not seen this second request in the floccus debug logs. Here are few revised `curl` calls to try. Please do execute them exactly in the order shown (some are repeated): ``` curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -u nextcloudusername:nextcloudapppassword -vvv -H "Accept: application/json" https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -u nextcloudusername:nextcloudapppassword -vvv -H "DNT: 1" -H "Accept: */*" https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/folder/-1/hash curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -vvv -u User:Pass https://authenticationtest.com/HTTPAuth/ ``` Of course, replace `your.proxy.server.example.com:port` and `yourproxyuser:yourproxypassword` with your proxy information, as well as `nextcloudusername:nextcloudapppassword` with you nextclound username / app password. > Could it be BlueCoat is only filtering unrequested authentication credentials? That is quite possible indeed! In fact, it could even kind-of make sense that it does that to try to prevent a certain type of [CSRF](https://en.wikipedia.org/wiki/Cross-site_request_forgery) attacks. If you could use curl in previous 3 command, try this (note: only try it if you could get curl to work from previous 3 commands, and **only try it once and in exact order as shown** - some are duplicates and some without username/pass for a reason). Also save full output locally even if you send here just redacted information as I suggested to @MicMun, as I might have few followup questions on them: ``` curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -u nextcloudusername:nextcloudapppassword -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=3 curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=3 curl --proxy https://your.proxy.server.example.com:port --proxy-user yourproxyuser:yourproxypassword -u nextcloudusername:nextcloudapppassword -vvv https://your_nextcloud.example.com/owncloud/index.php/apps/bookmarks/public/rest/v2/bookmark?page=0&limit=3 ```

kerem commented 2026-02-25 22:37:39 +03:00

Author

Owner

Copy link

@trupf commented on GitHub (Sep 21, 2021):

Finally I had some success with the statements as in curl_req2.txt....

curl_req2.txt
error_debug10.log

<!-- gh-comment-id:924166679 --> @trupf commented on GitHub (Sep 21, 2021): Finally I had some success with the statements as in curl_req2.txt.... [curl_req2.txt](https://github.com/floccusaddon/floccus/files/7204887/curl_req2.txt) [error_debug10.log](https://github.com/floccusaddon/floccus/files/7204873/error_debug10.log)

kerem referenced this issue 2026-02-25 22:37:49 +03:00

[GH-ISSUE #1033] [feature request] Support buku bookmarks.db #681

kerem referenced this issue 2026-02-25 22:37:52 +03:00

[GH-ISSUE #1055] Incorporate htmlToXBel #697

kerem referenced this issue 2026-02-25 23:30:57 +03:00

[PR #1180] [MERGED] WebDav: Allow syncing via HTML file #1828

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

dependabot/npm_and_yarn/fast-xml-parser-5.7.0

dependabot/npm_and_yarn/xmldom/xmldom-0.8.13

dependabot/npm_and_yarn/protocol-buffers-schema-3.6.1

master

fix/xml-entity-limit

all-contributors/add-aaryanvangari

fix/subscanner-residuals

test/subscanner-residuals

test/problematic-seeds

perf/improve-build-time

perf/native-startup

fix/continuation-null-cheks

dropbox

fix/clear-indexeddb-after-sync

dependabot/npm_and_yarn/vuetify-3.11.4

fix/slim-down-continuation

test/background-worker

refactor/fail-build-if-native-uses-browser-api

feat/improve-failsafe-wording

dependabot/npm_and_yarn/multi-0520f5abeb

feat/release-build

fix/more-mapping-errors

dependabot/npm_and_yarn/intl-messageformat-10.7.18

enh/split-sync-interval-and-auto-sync

enh/gdrive-timeout

feat/safari

feat/capabilities

feat/xxhash3

feat/murmur3

fix/gdrive-error-handling

fix/correctness-fixes

fix/linkwarden

feat/orion

fix/nocache-tests

feat/tab-groups

fix/git-never-force-push

fix/xbel-parse-errors

fix/git-push-errors

fix/chrome-main-folder-ids

dependabot/npm_and_yarn/multi-a9f852c250

chore/use-local-linkwarden-container-in-ci

all-contributors/add-balthanon

dependabot/npm_and_yarn/multi-7c5da94753

fix/revert-indexeddb-logger

fix/acknowlegde-abuse

dependabot/npm_and_yarn/eslint-import-resolver-webpack-0.13.10

fix/rip-out-continuations

fix/webdav-filesize-depth-header

fix/changes-while-syncing

fix/addition-failsafe-minimum

feat/indexeddb-logs

feat/addition-failsafe

fix/webdav-check-filesize

fix/orion

fix/bounded-exponential-backoff

fix/dont-repeat-on-sync-fail

fix-tests

fix/speedup-tab-update-cb

all-contributors/add-andybalaam

all-contributors/add-macrogreg

fix/parse-tag-value

fix/cleanup-deps

refactor/partial-set-data-with-lock

fix/nc-bookmarks-update

fix/move-stabiltiy-same-titled-folders

fix/ios-share-extension

fix/update-selenium

fix/chrome-net-errors

enh/nc-bm-js

sentry

fix/unidirectional-scanner-shoudl-use-mappings

enh/interrupts

dependabot/npm_and_yarn/vue-loader-17.4.2

ci/build-ios

enh/manifest-v3

release/4.19.0

fix/codeql

fix/google-drive-ios

all-contributors/add-dmotte

fix/unidirectional-sync

fix/interrupts

all-contributors/add-pinpontitit

all-contributors/add-dsiminiuk

test/old-apis

test/interrupts-on-nextcloud-bookmarks

feature/no-hashing-in-diff

feature/improve-diff-performance

capacitor

enh/rename-nextcloud-folders

fix/complex-hierarchy-reversal-2

tests/coverage

feature/google-drive

dependabot/npm_and_yarn/eslint-plugin-vue-7.6.0

fix/crypto

dependabot/npm_and_yarn/sass-1.32.7

dependabot/npm_and_yarn/css-loader-5.0.2

dependabot/npm_and_yarn/webpack-cli-4.5.0

fix/performance-hash-caching

dependabot/npm_and_yarn/eslint-plugin-standard-5.0.0

dependabot/npm_and_yarn/sass-loader-10.1.1

dependabot/npm_and_yarn/eslint-import-resolver-webpack-0.13.0

dependabot/npm_and_yarn/webpack-merge-5.7.3

dependabot/npm_and_yarn/p-queue-6.6.2

dependabot/npm_and_yarn/throttle-debounce-3.0.1

fix/lww-move-test

fix/overwrite-strategy

fix/root-folder-sync

enh/local-hash-cash

test/ci

ui/vue

cookie-hack

fix/travis

rollup

refactor/ui

webdav

refactor/modularize

v5.9.1

v5.9.0

v5.8.6

v5.8.5

v5.8.4

v5.8.3

v5.8.2

v5.8.1

v5.8.0

v5.7.0

v5.6.0

v5.5.6

v5.5.5

v5.5.4

v5.5.3

v5.5.2

v5.5.1

v5.5.0

v5.4.5

v5.4.4

v5.4.3

v5.4.2

v5.4.2-alpha.1

v5.4.1

v5.4.0

v5.3.4

v5.3.3

v5.3.1

v5.3.0

v5.3.0-beta.1

v5.2.7

v5.2.6

v5.2.5

v5.2.4

v5.2.3

v5.2.2

v5.2.1

v5.2.0

v5.2.0-beta.3

v5.2.0-beta.2

v5.2.0-beta.1

v5.1.7

v5.1.6

v5.1.5

v5.1.4

v5.1.3

5.1.3-beta.1

v5.1.2

v5.1.1

v5.1.0

v5.0.12

v5.0.12-beta.1

v5.0.11

v5.0.10

v5.0.9

v5.0.8

v5.0.7

v5.0.6

v5.0.5

v5.0.4

v5.0.3

v5.0.2

v5.0.1

v5.0.0

v4.19.1

v4.19.0

v4.18.1

v4.18.0

v4.17.1

v4.17.0

v4.16.0

v4.15.0

v4.14.0

v4.13.1

v4.13.0

v4.12.0

v4.11.0

v4.11.0-alpha.0

v4.10.1

v4.10.0

v4.9.0

v4.8.7

v4.8.6

v4.8.4

v4.8.3

v4.8.2

v4.8.1

v4.8.0

v4.7.0

v4.6.4

v4.6.3

v4.6.2

v4.6.1

v4.6.0

v4.5.0

v4.4.10

v4.4.9

v4.4.8

v4.4.7

v4.4.6

v4.4.5

v4.4.4

v4.4.3

v4.4.2

v4.4.1

v4.4.0

v4.4.0-rc1

v4.3.0

v4.2.6

v4.2.5

v4.2.4

v4.2.3

v4.2.2

v4.2.1

v4.2.0

v4.2.0-beta.4

v4.2.0-beta.3

v4.2.0-beta.2

v4.2.0-beta.1

v4.1.0

v4.0.4

v4.0.3

v4.0.2

v4.0.1

v4.0.0

v4

v4.0.0-alpha.3

v4.0.0-alpha.2

v4.0.0-alpha.1

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.2

v3.4.1

v3.4.0

v3.4.0-beta.3

v3.4.0-beta.2

v3.4.0-beta.1

v3.3.2

v3.3.1

v3.3.0

v3.3.0-beta.5

v3.3.0-beta.4

v3.3.0-beta.3

v3.3.0-beta.2

v3.3.0-beta.1

v3.2.16

v3.2.15

v3.2.14

v3.2.13

v3.2.12

v3.2.11

v3.2.10

v3.2.9

v3.2.8

v3.2.7

v3.2.6

v3.2.5

v3.2.4

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.15

v3.1.14

v3.1.13

v3.1.12

v3.1.11

v3.1.10

v3.1.9

v3.1.8

v3.1.7

v3.1.6

v3.1.5

v3.1.4

v3.1.3

v3.1.2

v3.1.1

v3.1.0

v3.0.10

v3.0.9

v3.0.8

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v3.0.0-beta.9

v3.0.0-beta.8

v3.0.0-beta.7

v2.2.9

v3.0.0-beta.6

v3.0.0-beta.5

v3.0.0-beta.4

v3.0.0-beta.3

v3.0.0-beta.2

v3.0.0-beta-1

v3.0.0-alpha-1

v2.2.8

v2.2.7

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.0

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v2.0.0-beta.2

v1.3.4

v2.0.0-beta.1

v1.3.3

v1.3.2

v1.3.1

v1.3.0

v1.3.0-beta.5

v1.3.0-beta.4

v1.3.0-beta.3

v1.3.0-beta.2

v1.3.0-beta1

v1.2.0

v1.1.2

v1.1.1

v1.1.0

v1.0.1

v1.0.0

Labels

Clear labels   

browser-specific

  

bug

  

correctness issues

  

enhancement

  

feature: Google Drive

  

feature: Linkwarden

  

feature: git

  

feature: nextcloud-bookmarks

  

feature: tabs

  

feature: webdav

  

help wanted

  

native-app

  

priority: high

  

priority: low

  

priority: medium

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question

  

stale

  

upstream

  

waiting for more information

  

wontfix

  

🙁 Not following issue template

No labels

browser-specific

bug

correctness issues

enhancement

feature: Google Drive

feature: Linkwarden

feature: git

feature: nextcloud-bookmarks

feature: tabs

feature: webdav

help wanted

native-app

priority: high

priority: low

priority: medium

pull-request

question

question

stale

upstream

waiting for more information

wontfix

🙁 Not following issue template

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/floccus#616

No description provided.