[GH-ISSUE #392] Unable to login in Fifrefox addon behind reverse proxy - NetworkError when attempting to fetch resource. #257

New issue

Closed

opened 2026-03-02 11:48:06 +03:00 by kerem · 27 comments

kerem commented 2026-03-02 11:48:06 +03:00

Owner

Copy link

Originally created by @gottoesplosivo on GitHub (Sep 15, 2024).
Original GitHub issue: https://github.com/karakeep-app/karakeep/issues/392

Hi,

I'm trying to connect through the Firefox add-on via reverse nginx proxy (I use SWAG), however I get this error when trying to login:
NetworkError when attempting to fetch resource.

I'm sure the link I'm using is correct, as well as the login details.
I can connect if using ip:port

Here's the reverse proxy for reference

`server {
listen 443 ssl;
listen [::]:443 ssl;

server_name hoarder.*;

include /config/nginx/ssl.conf;

client_max_body_size 0;

# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;

# enable for Authelia (requires authelia-location.conf in the location block)
include /config/nginx/authelia-server.conf;

# enable for Authentik (requires authentik-location.conf in the location block)
#include /config/nginx/authentik-server.conf;

location / {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;

    # enable for ldap auth (requires ldap-server.conf in the server block)
    #include /config/nginx/ldap-location.conf;

    # enable for Authelia (requires authelia-server.conf in the server block)
    include /config/nginx/authelia-location.conf;

    # enable for Authentik (requires authentik-server.conf in the server block)
    #include /config/nginx/authentik-location.conf;

    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app hoarder;
    set $upstream_port 3000;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;

}

 location ~ (/hoarder)?/api {
     include /config/nginx/proxy.conf;
     include /config/nginx/resolver.conf;
     set $upstream_app hoarder;
     set $upstream_port 3000;
     set $upstream_proto http;
     proxy_pass $upstream_proto://$upstream_app:$upstream_port;

 }

}`

Any help is appreciated :)

Originally created by @gottoesplosivo on GitHub (Sep 15, 2024). Original GitHub issue: https://github.com/karakeep-app/karakeep/issues/392 Hi, I'm trying to connect through the Firefox add-on via reverse nginx proxy (I use SWAG), however I get this error when trying to login: `NetworkError when attempting to fetch resource.` I'm sure the link I'm using is correct, as well as the login details. I can connect if using ip:port Here's the reverse proxy for reference `server { listen 443 ssl; listen [::]:443 ssl; server_name hoarder.*; include /config/nginx/ssl.conf; client_max_body_size 0; # enable for ldap auth (requires ldap-location.conf in the location block) #include /config/nginx/ldap-server.conf; # enable for Authelia (requires authelia-location.conf in the location block) include /config/nginx/authelia-server.conf; # enable for Authentik (requires authentik-location.conf in the location block) #include /config/nginx/authentik-server.conf; location / { # enable the next two lines for http auth #auth_basic "Restricted"; #auth_basic_user_file /config/nginx/.htpasswd; # enable for ldap auth (requires ldap-server.conf in the server block) #include /config/nginx/ldap-location.conf; # enable for Authelia (requires authelia-server.conf in the server block) include /config/nginx/authelia-location.conf; # enable for Authentik (requires authentik-server.conf in the server block) #include /config/nginx/authentik-location.conf; include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app hoarder; set $upstream_port 3000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } location ~ (/hoarder)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; set $upstream_app hoarder; set $upstream_port 3000; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; } }` Any help is appreciated :)

kerem 2026-03-02 11:48:06 +03:00

• closed this issue
• added the
  extension
  question
  labels

kerem commented 2026-03-02 11:48:07 +03:00

Author

Owner

Copy link

@MohamedBassem commented on GitHub (Sep 15, 2024):

Hey, can you get the exact error using the instruction in this video:

https://github.com/MohamedBassem/hoarder-app/assets/2418637/a82e9cee-2454-4e06-b23e-8d3361eb02e1

<!-- gh-comment-id:2351481508 --> @MohamedBassem commented on GitHub (Sep 15, 2024): Hey, can you get the exact error using the instruction in this video: https://github.com/MohamedBassem/hoarder-app/assets/2418637/a82e9cee-2454-4e06-b23e-8d3361eb02e1

kerem commented 2026-03-02 11:48:07 +03:00

Author

Owner

Copy link

@kamtschatka commented on GitHub (Sep 15, 2024):

There is an authelia conf imported, are you using it? Does navigating to the page directly, using the URL work?

<!-- gh-comment-id:2351490264 --> @kamtschatka commented on GitHub (Sep 15, 2024): There is an authelia conf imported, are you using it? Does navigating to the page directly, using the URL work?

kerem commented 2026-03-02 11:48:07 +03:00

Author

Owner

Copy link

@gottoesplosivo commented on GitHub (Sep 15, 2024):

Hey, can you get the exact error using the instruction in this video:
Screen.Recording.2024-03-27.at.10.06.01.PM.mov

Hi, for some reason the video is not playing on firefox, could you send me a link to download it?

<!-- gh-comment-id:2351501501 --> @gottoesplosivo commented on GitHub (Sep 15, 2024): > Hey, can you get the exact error using the instruction in this video: > Screen.Recording.2024-03-27.at.10.06.01.PM.mov Hi, for some reason the video is not playing on firefox, could you send me a link to download it?

kerem commented 2026-03-02 11:48:07 +03:00

Author

Owner

Copy link

@gottoesplosivo commented on GitHub (Sep 15, 2024):

There is an authelia conf imported, are you using it? Does navigating to the page directly, using the URL work?

Yes I'm using authelia with 2fa, navigating to the page directly using hoarder.address.ltd works normally.

<!-- gh-comment-id:2351502128 --> @gottoesplosivo commented on GitHub (Sep 15, 2024): > There is an authelia conf imported, are you using it? Does navigating to the page directly, using the URL work? Yes I'm using authelia with 2fa, navigating to the page directly using hoarder.address.ltd works normally.

kerem commented 2026-03-02 11:48:07 +03:00

Author

Owner

Copy link

@MohamedBassem commented on GitHub (Sep 15, 2024):

@gottoesplosivo are you saying that there's authelia in front of Hoarder? If you open hoarder (using the domain) in an incognito page for example, do you go to hoarder, or are you greated with authelia first?

<!-- gh-comment-id:2351503319 --> @MohamedBassem commented on GitHub (Sep 15, 2024): @gottoesplosivo are you saying that there's authelia in front of Hoarder? If you open hoarder (using the domain) in an incognito page for example, do you go to hoarder, or are you greated with authelia first?

kerem commented 2026-03-02 11:48:07 +03:00

Author

Owner

Copy link

@gottoesplosivo commented on GitHub (Sep 15, 2024):

@gottoesplosivo are you saying that there's authelia in front of Hoarder? If you open hoarder (using the domain) in an incognito page for example, do you go to hoarder, or are you greated with authelia first?

there's authelia in front of hoarder, is not supposed to have something in front of it when exposed to the outside?

EDIT: Also I just tried removing authelia in the proxy conf and the problem persists

<!-- gh-comment-id:2351505288 --> @gottoesplosivo commented on GitHub (Sep 15, 2024): > @gottoesplosivo are you saying that there's authelia in front of Hoarder? If you open hoarder (using the domain) in an incognito page for example, do you go to hoarder, or are you greated with authelia first? there's authelia in front of hoarder, is not supposed to have something in front of it when exposed to the outside? EDIT: Also I just tried removing authelia in the proxy conf and the problem persists

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@MohamedBassem commented on GitHub (Sep 15, 2024):

@gottoesplosivo then that's probably the problem. The chrome extension has no way to authenticate to authelia right now. We probably will need to add support for attaching custom headers to the extension and configure authelia to use those headers for authentication or something.

<!-- gh-comment-id:2351506332 --> @MohamedBassem commented on GitHub (Sep 15, 2024): @gottoesplosivo then that's probably the problem. The chrome extension has no way to authenticate to authelia right now. We probably will need to add support for attaching custom headers to the extension and configure authelia to use those headers for authentication or something.

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@MohamedBassem commented on GitHub (Sep 15, 2024):

@gottoesplosivo can you see the video attached to this comment: https://github.com/hoarder-app/hoarder/issues/23#issuecomment-2024080868

<!-- gh-comment-id:2351506717 --> @MohamedBassem commented on GitHub (Sep 15, 2024): @gottoesplosivo can you see the video attached to this comment: https://github.com/hoarder-app/hoarder/issues/23#issuecomment-2024080868

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@gottoesplosivo commented on GitHub (Sep 15, 2024):

@MohamedBassem please see my edit above, even without Authelia I can't login

<!-- gh-comment-id:2351507115 --> @gottoesplosivo commented on GitHub (Sep 15, 2024): @MohamedBassem please see my edit above, even without Authelia I can't login

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@kamtschatka commented on GitHub (Sep 15, 2024):

with https://github.com/hoarder-app/hoarder/issues/92 it will be possible to use the API directly in the extension. If you just circumvent the API endpoint with authelia, this should work fine, i would say.

<!-- gh-comment-id:2351507147 --> @kamtschatka commented on GitHub (Sep 15, 2024): with https://github.com/hoarder-app/hoarder/issues/92 it will be possible to use the API directly in the extension. If you just circumvent the API endpoint with authelia, this should work fine, i would say.

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@gottoesplosivo commented on GitHub (Sep 15, 2024):

@MohamedBassem I get CORS error when trying to login:

@kamtschatka how would you suggest I do that? I'm not that well versed :D

<!-- gh-comment-id:2351508909 --> @gottoesplosivo commented on GitHub (Sep 15, 2024): @MohamedBassem I get CORS error when trying to login:  @kamtschatka how would you suggest I do that? I'm not that well versed :D

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@MohamedBassem commented on GitHub (Sep 15, 2024):

hmmm, I wonder if nginx by default strips the CORS headers from the response (or if you are stripping them youself).

Can you add:

    proxy_pass_header Access-Control-Allow-Origin;
    proxy_pass_header Access-Control-Allow-Methods;
    proxy_pass_header Access-Control-Allow-Headers;
    proxy_pass_header Access-Control-Allow-Credentials;
    proxy_pass_header Access-Control-Max-Age;

To both sections of nginx? If it didn't work, can you share the output of:

curl -v -XHEAD <INSERT_HOARDER_DOMAIN_HERE>/api/trpc

This can help us understand if the CORS headers are correctly set or not.

NOTE: do that with authelia disabled.

EDIT: modified the curl request to include the api endpoint

<!-- gh-comment-id:2351514050 --> @MohamedBassem commented on GitHub (Sep 15, 2024): hmmm, I wonder if nginx by default strips the CORS headers from the response (or if you are stripping them youself). Can you add: ``` proxy_pass_header Access-Control-Allow-Origin; proxy_pass_header Access-Control-Allow-Methods; proxy_pass_header Access-Control-Allow-Headers; proxy_pass_header Access-Control-Allow-Credentials; proxy_pass_header Access-Control-Max-Age; ``` To both sections of nginx? If it didn't work, can you share the output of: ``` curl -v -XHEAD <INSERT_HOARDER_DOMAIN_HERE>/api/trpc ``` This can help us understand if the CORS headers are correctly set or not. > NOTE: do that with authelia disabled. EDIT: modified the curl request to include the api endpoint

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@gottoesplosivo commented on GitHub (Sep 15, 2024):

@MohamedBassem

here's the output

`curl -v -XHEAD https://hoarder.domain.ltd/api/trpc
Warning: Setting custom HTTP method to HEAD with -X/--request may not work the way you want. Consider using -I/--head instead.
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Host hoarder.domain.ltd:443 was resolved.

• IPv6: (none)
• IPv4:
• Trying :443...
• Connected to hoarder.domain.ltd (8) port 443
• ALPN: curl offers h2,http/1.1
  } [5 bytes data]
• TLSv1.3 (OUT), TLS handshake, Client hello (1):
  } [512 bytes data]
• CAfile: none
• CApath: /etc/ssl/certs
  { [5 bytes data]
• TLSv1.3 (IN), TLS handshake, Server hello (2):
  { [122 bytes data]
• TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
  { [19 bytes data]
• TLSv1.3 (IN), TLS handshake, Certificate (11):
  { [2044 bytes data]
• TLSv1.3 (IN), TLS handshake, CERT verify (15):
  { [79 bytes data]
• TLSv1.3 (IN), TLS handshake, Finished (20):
  { [52 bytes data]
• TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
  } [1 bytes data]
• TLSv1.3 (OUT), TLS handshake, Finished (20):
  } [52 bytes data]
• SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / [blank] / UNDEF
• ALPN: server accepted h2
• Server certificate:
• subject: CN=domain.ltd
• start date: Aug 22 23:16:52 2024 GMT
• expire date: Nov 20 23:16:51 2024 GMT
• subjectAltName: host "hoarder.domain.ltd" matched cert's "*.domain.ltd"
• issuer: C=US; O=Let's Encrypt; CN=E6
• SSL certificate verify ok.
• Certificate level 0: Public key type ? (256/128 Bits/secBits), signed using ecdsa-with-SHA384
• Certificate level 1: Public key type ? (384/192 Bits/secBits), signed using sha256WithRSAEncryption
• Certificate level 2: Public key type ? (4096/128 Bits/secBits), signed using sha256WithRSAEncryption
  } [5 bytes data]
• using HTTP/2
• [HTTP/2] [1] OPENED stream for https://hoarder.domain.ltd/api/trpc
• [HTTP/2] [1] [:method: HEAD]
• [HTTP/2] [1] [:scheme: https]
• [HTTP/2] [1] [:authority: hoarder.domain.ltd]
• [HTTP/2] [1] [:path: /api/trpc]
• [HTTP/2] [1] [user-agent: curl/8.9.1]
• [HTTP/2] [1] [accept: /]
  } [5 bytes data]

HEAD /api/trpc HTTP/2
Host: hoarder.domain.ltd
User-Agent: curl/8.9.1
Accept: /

{ [5 bytes data]

• TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
  { [57 bytes data]
• TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
  { [57 bytes data]
• Request completely sent off
  { [5 bytes data]
  < HTTP/2 404
  < server: nginx
  < date: Sun, 15 Sep 2024 12:57:27 GMT
  < content-type: text/html; charset=utf-8
  < access-control-allow-origin: *
  < access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
  < access-control-allow-headers: Content-Type, Authorization
  < access-control-allow-credentials: true
  < cache-control: private, no-cache, no-store, max-age=0, must-revalidate
  < vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
  < x-powered-by: Next.js
  < cache-control: no-transform
  < content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
  < permissions-policy: interest-cohort=()
  < referrer-policy: same-origin
  < x-content-type-options: nosniff
  < x-frame-options: SAMEORIGIN
  < x-ua-compatible: IE=Edge
  < x-xss-protection: 1; mode=block
  < access-control-allow-origin: *
  <
  { [0 bytes data]
  0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
• Connection #0 to host hoarder.domain.ltd left intact
  `

If I try to go to hoarder.domain.ltd/api I get a 404 error, maybe the api endpoint is not exposed properly?

<!-- gh-comment-id:2351583298 --> @gottoesplosivo commented on GitHub (Sep 15, 2024): @MohamedBassem here's the output `curl -v -XHEAD https://hoarder.domain.ltd/api/trpc Warning: Setting custom HTTP method to HEAD with -X/--request may not work the way you want. Consider using -I/--head instead. % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Host hoarder.domain.ltd:443 was resolved. * IPv6: (none) * IPv4: * Trying :443... * Connected to hoarder.domain.ltd (8) port 443 * ALPN: curl offers h2,http/1.1 } [5 bytes data] * TLSv1.3 (OUT), TLS handshake, Client hello (1): } [512 bytes data] * CAfile: none * CApath: /etc/ssl/certs { [5 bytes data] * TLSv1.3 (IN), TLS handshake, Server hello (2): { [122 bytes data] * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): { [19 bytes data] * TLSv1.3 (IN), TLS handshake, Certificate (11): { [2044 bytes data] * TLSv1.3 (IN), TLS handshake, CERT verify (15): { [79 bytes data] * TLSv1.3 (IN), TLS handshake, Finished (20): { [52 bytes data] * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): } [1 bytes data] * TLSv1.3 (OUT), TLS handshake, Finished (20): } [52 bytes data] * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / [blank] / UNDEF * ALPN: server accepted h2 * Server certificate: * subject: CN=domain.ltd * start date: Aug 22 23:16:52 2024 GMT * expire date: Nov 20 23:16:51 2024 GMT * subjectAltName: host "hoarder.domain.ltd" matched cert's "*.domain.ltd" * issuer: C=US; O=Let's Encrypt; CN=E6 * SSL certificate verify ok. * Certificate level 0: Public key type ? (256/128 Bits/secBits), signed using ecdsa-with-SHA384 * Certificate level 1: Public key type ? (384/192 Bits/secBits), signed using sha256WithRSAEncryption * Certificate level 2: Public key type ? (4096/128 Bits/secBits), signed using sha256WithRSAEncryption } [5 bytes data] * using HTTP/2 * [HTTP/2] [1] OPENED stream for https://hoarder.domain.ltd/api/trpc * [HTTP/2] [1] [:method: HEAD] * [HTTP/2] [1] [:scheme: https] * [HTTP/2] [1] [:authority: hoarder.domain.ltd] * [HTTP/2] [1] [:path: /api/trpc] * [HTTP/2] [1] [user-agent: curl/8.9.1] * [HTTP/2] [1] [accept: */*] } [5 bytes data] > HEAD /api/trpc HTTP/2 > Host: hoarder.domain.ltd > User-Agent: curl/8.9.1 > Accept: */* > { [5 bytes data] * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): { [57 bytes data] * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): { [57 bytes data] * Request completely sent off { [5 bytes data] < HTTP/2 404 < server: nginx < date: Sun, 15 Sep 2024 12:57:27 GMT < content-type: text/html; charset=utf-8 < access-control-allow-origin: * < access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS < access-control-allow-headers: Content-Type, Authorization < access-control-allow-credentials: true < cache-control: private, no-cache, no-store, max-age=0, must-revalidate < vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding < x-powered-by: Next.js < cache-control: no-transform < content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' < permissions-policy: interest-cohort=() < referrer-policy: same-origin < x-content-type-options: nosniff < x-frame-options: SAMEORIGIN < x-ua-compatible: IE=Edge < x-xss-protection: 1; mode=block < access-control-allow-origin: * < { [0 bytes data] 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 * Connection #0 to host hoarder.domain.ltd left intact ` If I try to go to hoarder.domain.ltd/api I get a 404 error, maybe the api endpoint is not exposed properly?

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@norgur commented on GitHub (Sep 15, 2024):

I have the same issue right now, no reverse proxies, no authelia, nothing. Just Hoarder running on Docker inside my tailscale network. I tried to get the logs as seen in the video, yet I can't, because I don't have an "inspect" button where yours was.

<!-- gh-comment-id:2351583417 --> @norgur commented on GitHub (Sep 15, 2024): I have the same issue right now, no reverse proxies, no authelia, nothing. Just Hoarder running on Docker inside my tailscale network. I tried to get the logs as seen in the video, yet I can't, because I don't have an "inspect" button where yours was.

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@gottoesplosivo commented on GitHub (Oct 4, 2024):

Bumping this

<!-- gh-comment-id:2393442971 --> @gottoesplosivo commented on GitHub (Oct 4, 2024): Bumping this

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@crosbyh commented on GitHub (Oct 6, 2024):

I'm experiencing this as well with the Firefox addon.

Using Traefik + Authelia. I have OIDC setup with Authelia and use that to login in the browser. Works in various browsers, incognito mode, etc.

I receive the same NetworkError when trying to use the Firefox extension. Neither API Key, nor email/pass login work.

<!-- gh-comment-id:2395494946 --> @crosbyh commented on GitHub (Oct 6, 2024): I'm experiencing this as well with the Firefox addon. Using Traefik + Authelia. I have OIDC setup with Authelia and use that to login in the browser. Works in various browsers, incognito mode, etc. I receive the same NetworkError when trying to use the Firefox extension. Neither API Key, nor email/pass login work.

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@MohamedBassem commented on GitHub (Oct 6, 2024):

hmmm, I think I can add a test connection button similar to the one that I added to the mobile app.

<!-- gh-comment-id:2395519283 --> @MohamedBassem commented on GitHub (Oct 6, 2024): hmmm, I think I can add a `test connection` button similar to the one that I added to the mobile app.

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@wbste commented on GitHub (Oct 7, 2024):

I turned on the browser console in firefox per this, and got this output trying to connect to another pc on my LAN via HTTP, no nginx or anything used in front of it, just the http://pcname:port format, which I'll call [HOST] below.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at [HOST]/api/trpc/apiKeys.exchange?batch=1. (Reason: CORS request not http).

Note I had Enable HTTPS-Only Mode in all windows enabled up until this point. Once I disabled that (Don’t enable HTTPS-Only Mode), I logged in right away. Toggle this setting under Settings > HTTPS-Only Mode.

Note I already had the HOST added in the exception list of firefox (so the web site would load), but seems the extension doesn't/can't read that exception?

<!-- gh-comment-id:2395986729 --> @wbste commented on GitHub (Oct 7, 2024): I turned on the browser console in firefox [per this](https://stackoverflow.com/questions/12893981/logging-to-console-from-firefox-extension), and got this output trying to connect to another pc on my LAN via HTTP, no nginx or anything used in front of it, just the `http://pcname:port` format, which I'll call `[HOST]` below. `Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at [HOST]/api/trpc/apiKeys.exchange?batch=1. (Reason: CORS request not http).` Note I had `Enable HTTPS-Only Mode in all windows` enabled up until this point. Once I **disabled** that (`Don’t enable HTTPS-Only Mode`), I logged in right away. Toggle this setting under *Settings > HTTPS-Only Mode*. Note I already had the HOST added in the exception list of firefox (so the web site would load), but seems the extension doesn't/can't read that exception?

kerem commented 2026-03-02 11:48:08 +03:00

Author

Owner

Copy link

@atomicangel commented on GitHub (Oct 7, 2024):

Here's my Nginx config that worked OOB with the extension. Since I have a .dev domain, I had to specify https://hoarder.example.com in the app on my phone and in the extension.

# The `upstream` directives ensure that you have a http/1.1 connection
# This enables the keepalive option and better performance
#
# Define the server IP and ports here.
upstream hoarder {
  zone hoarder 64k;
  server hoarder.internal.lan:3000;     # I use my internal DNS entries instead of IP addresses, so use what you have here.
  keepalive 2;
}

# Needed to support websocket connections
# See: https://nginx.org/en/docs/http/websocket.html
# Instead of "close" as stated in the above link we send an empty value.
# Else all keepalive connections will not work.
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      "";
}

# Redirect HTTP to HTTPS
server {
    listen 80;
    listen [::]:80;
    server_name hoarder.example.com;

    if ($host = hoarder.example.com) {
        return 301 https://$host$request_uri;
    }
    return 404;


}

server {
    # For older versions of nginx appened http2 to the listen line after ssl and remove `http2 on`
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    #http2 on;
    server_name hoarder.example.com;

    client_max_body_size 525M;

    location / {
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection $connection_upgrade;

      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;

      proxy_pass http://hoarder;
    }

    ssl_certificate /etc/letsencrypt/live/hoarder.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/hoarder.example.com/privkey.pem; # managed by Certbot
}

<!-- gh-comment-id:2397094669 --> @atomicangel commented on GitHub (Oct 7, 2024): Here's my Nginx config that worked OOB with the extension. Since I have a .dev domain, I had to specify https://hoarder.example.com in the app on my phone and in the extension. ``` # The `upstream` directives ensure that you have a http/1.1 connection # This enables the keepalive option and better performance # # Define the server IP and ports here. upstream hoarder { zone hoarder 64k; server hoarder.internal.lan:3000; # I use my internal DNS entries instead of IP addresses, so use what you have here. keepalive 2; } # Needed to support websocket connections # See: https://nginx.org/en/docs/http/websocket.html # Instead of "close" as stated in the above link we send an empty value. # Else all keepalive connections will not work. map $http_upgrade $connection_upgrade { default upgrade; '' ""; } # Redirect HTTP to HTTPS server { listen 80; listen [::]:80; server_name hoarder.example.com; if ($host = hoarder.example.com) { return 301 https://$host$request_uri; } return 404; } server { # For older versions of nginx appened http2 to the listen line after ssl and remove `http2 on` listen 443 ssl http2; listen [::]:443 ssl http2; #http2 on; server_name hoarder.example.com; client_max_body_size 525M; location / { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://hoarder; } ssl_certificate /etc/letsencrypt/live/hoarder.example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/hoarder.example.com/privkey.pem; # managed by Certbot } ```

kerem commented 2026-03-02 11:48:09 +03:00

Author

Owner

Copy link

@mounta11n commented on GitHub (Oct 8, 2024):

I turned on the browser console in firefox per this, and got this output trying to connect to another pc on my LAN via HTTP, no nginx or anything used in front of it, just the http://pcname:port format, which I'll call [HOST] below.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at [HOST]/api/trpc/apiKeys.exchange?batch=1. (Reason: CORS request not http).

Note I had Enable HTTPS-Only Mode in all windows enabled up until this point. Once I disabled that (Don’t enable HTTPS-Only Mode), I logged in right away. Toggle this setting under Settings > HTTPS-Only Mode.

Note I already had the HOST added in the exception list of firefox (so the web site would load), but seems the extension doesn't/can't read that exception?

Thanks for the hint @wbste
Toggling off "https only for all sites" worked for me!

@MohamedBassem for me it seems like this is an http/https issue with firefox only and not a problem from the extension itself. Because I've had the same Error as OP even within my local network - no reverse proxy or anything - when using firefox (librewolf 130.0.1-1). But when using a chrome based webbrowser (Brave 1.69.153 Chromium: 128.0.6613.85) everything works fine with the exact same settings.
There is also no problem [EDIT: for firefox/librewolf extension] to connect to my hoarder docker container on my cloud-server, which is behind a reverse proxy, as long as it is https.
[EDIT: So it looks like firefox can not manage the https only exception when it comes to extensions.]

<!-- gh-comment-id:2400545441 --> @mounta11n commented on GitHub (Oct 8, 2024): > I turned on the browser console in firefox [per this](https://stackoverflow.com/questions/12893981/logging-to-console-from-firefox-extension), and got this output trying to connect to another pc on my LAN via HTTP, no nginx or anything used in front of it, just the `http://pcname:port` format, which I'll call `[HOST]` below. > > `Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at [HOST]/api/trpc/apiKeys.exchange?batch=1. (Reason: CORS request not http).` > > Note I had `Enable HTTPS-Only Mode in all windows` enabled up until this point. Once I **disabled** that (`Don’t enable HTTPS-Only Mode`), I logged in right away. Toggle this setting under _Settings > HTTPS-Only Mode_. > > Note I already had the HOST added in the exception list of firefox (so the web site would load), but seems the extension doesn't/can't read that exception? Thanks for the hint @wbste Toggling off "https only for all sites" worked for me! @MohamedBassem for me it seems like this is an http/https issue with firefox only and not a problem from the extension itself. Because I've had the same Error as OP even within my local network - no reverse proxy or anything - when using firefox (librewolf 130.0.1-1). But when using a chrome based webbrowser (Brave 1.69.153 Chromium: 128.0.6613.85) everything works fine with the exact same settings. There is also no problem [EDIT: for firefox/librewolf extension] to connect to my hoarder docker container on my cloud-server, which is behind a reverse proxy, as long as it is https. [EDIT: So it looks like firefox can not manage the https only exception when it comes to extensions.]

kerem commented 2026-03-02 11:48:09 +03:00

Author

Owner

Copy link

@mounta11n commented on GitHub (Oct 8, 2024):

Ah and fyi @gottoesplosivo I'm using caddy as my reverse proxy. caddy manages the ssl automatically, I can absolutely recommend it.

<!-- gh-comment-id:2400559039 --> @mounta11n commented on GitHub (Oct 8, 2024): Ah and fyi @gottoesplosivo I'm using caddy as my reverse proxy. caddy manages the ssl automatically, I can absolutely recommend it.

kerem commented 2026-03-02 11:48:09 +03:00

Author

Owner

Copy link

@crosbyh commented on GitHub (Oct 18, 2024):

I'm experiencing this as well with the Firefox addon.

Using Traefik + Authelia. I have OIDC setup with Authelia and use that to login in the browser. Works in various browsers, incognito mode, etc.

I receive the same NetworkError when trying to use the Firefox extension. Neither API Key, nor email/pass login work.

An update to this... I also tested in Chrome and that extension did not work for me either. If I add this to my traefik config file:

        accessControlAllowOriginList:
          - "*" 

Then both Chrome & Firefox extensions are able to connect successfully. If I comment that line out, both break immediately. Doesn't seem to work if I add my personal domain/subdomain to the allow list, only works with the wildcard so far.

This seems out of the ordinary as I'm able to use other selfhosted bookmarklets and browser extensions successfully without this added config. Hoping to find a better way to manage this config, as I believe allowing the wildcard is not ideal for security.

<!-- gh-comment-id:2422853277 --> @crosbyh commented on GitHub (Oct 18, 2024): > I'm experiencing this as well with the Firefox addon. > > Using Traefik + Authelia. I have OIDC setup with Authelia and use that to login in the browser. Works in various browsers, incognito mode, etc. > > I receive the same NetworkError when trying to use the Firefox extension. Neither API Key, nor email/pass login work. An update to this... I also tested in Chrome and that extension did not work for me either. If I add this to my traefik config file: ``` accessControlAllowOriginList: - "*" ``` Then both Chrome & Firefox extensions are able to connect successfully. If I comment that line out, both break immediately. Doesn't seem to work if I add my personal domain/subdomain to the allow list, only works with the wildcard so far. This seems out of the ordinary as I'm able to use other selfhosted bookmarklets and browser extensions successfully without this added config. Hoping to find a better way to manage this config, as I believe allowing the wildcard is not ideal for security.

kerem commented 2026-03-02 11:48:09 +03:00

Author

Owner

Copy link

@kamtschatka commented on GitHub (Oct 23, 2024):

sounds like traefik might be removing that, because we are definitely setting that on all the /api responses:
https://github.com/hoarder-app/hoarder/blob/main/apps/web/next.config.mjs#L31

<!-- gh-comment-id:2432827127 --> @kamtschatka commented on GitHub (Oct 23, 2024): sounds like traefik might be removing that, because we are definitely setting that on all the /api responses: https://github.com/hoarder-app/hoarder/blob/main/apps/web/next.config.mjs#L31

kerem commented 2026-03-02 11:48:09 +03:00

Author

Owner

Copy link

@aweb-01 commented on GitHub (Nov 20, 2024):

I also had this issue with traefik. I run both traefik and cloudflare zero tunnels, so I just stuck this behind a cloudflare tunnel instead, but would prefer to get it working with traefik at some point.

<!-- gh-comment-id:2489160369 --> @aweb-01 commented on GitHub (Nov 20, 2024): I also had this issue with traefik. I run both traefik and cloudflare zero tunnels, so I just stuck this behind a cloudflare tunnel instead, but would prefer to get it working with traefik at some point.

kerem commented 2026-03-02 11:48:09 +03:00

Author

Owner

Copy link

@pewter77 commented on GitHub (Jan 29, 2025):

I run some secure headers for my Traefik instance, so not all will be relevant.

This would help if you're using some secure headers, at least for chrome, Firefox plugin is gone for now from the store so maybe I'll check it later and see how to fix it. You'd have to change DOMAIN to your own domain in env variables if you're using them. Firefox probably has a different URL method.

The following is a middleware and whoever is reading this probably will need to figure it that out to get it working.

      - "traefik.http.middlewares.secure-headers.headers.accesscontrolallowmethods=GET,POST"
      - "traefik.http.middlewares.secure-headers.headers.accesscontrolallowheaders=*"
      - "traefik.http.middlewares.secure-headers.headers.accesscontrolalloworiginlist=${DOMAIN},chrome-extension://kgcjekpmcjjogibpjebkhaanilehneje"
      - "traefik.http.middlewares.secure-headers.headers.accesscontrolmaxage=100"
      - "traefik.http.middlewares.secure-headers.headers.addvaryheader=true"

Alternatively you can use =*" for accesscontrolalloworiginlist but... I don't roll that way.

<!-- gh-comment-id:2620474410 --> @pewter77 commented on GitHub (Jan 29, 2025): I run some secure headers for my Traefik instance, so not all will be relevant. This would help if you're using some secure headers, at least for chrome, Firefox plugin is gone for now from the store so maybe I'll check it later and see how to fix it. You'd have to change DOMAIN to your own domain in env variables if you're using them. Firefox probably has a different URL method. The following is a middleware and whoever is reading this probably will need to figure it that out to get it working. ``` - "traefik.http.middlewares.secure-headers.headers.accesscontrolallowmethods=GET,POST" - "traefik.http.middlewares.secure-headers.headers.accesscontrolallowheaders=*" - "traefik.http.middlewares.secure-headers.headers.accesscontrolalloworiginlist=${DOMAIN},chrome-extension://kgcjekpmcjjogibpjebkhaanilehneje" - "traefik.http.middlewares.secure-headers.headers.accesscontrolmaxage=100" - "traefik.http.middlewares.secure-headers.headers.addvaryheader=true" ``` Alternatively you can use =*" for accesscontrolalloworiginlist but... I don't roll that way.

kerem commented 2026-03-02 11:48:09 +03:00

Author

Owner

Copy link

@vanhellthing93 commented on GitHub (Feb 4, 2025):

Get working behind nginx + authelia with this config (works both for browser extension as well as mobile app)

include /data/snippets/authelia-location.conf;

location / {
    include /data/snippets/proxy.conf;
    include /data/snippets/authelia-authrequest.conf;
    proxy_pass $forward_scheme://$server:$port;
}

location /api {
    include /data/snippets/proxy.conf;
    proxy_pass $forward_scheme://$server:$port;
}

<!-- gh-comment-id:2633825220 --> @vanhellthing93 commented on GitHub (Feb 4, 2025): Get working behind nginx + authelia with this config (works both for browser extension as well as mobile app) ``` include /data/snippets/authelia-location.conf; location / { include /data/snippets/proxy.conf; include /data/snippets/authelia-authrequest.conf; proxy_pass $forward_scheme://$server:$port; } location /api { include /data/snippets/proxy.conf; proxy_pass $forward_scheme://$server:$port; } ```

kerem commented 2026-03-02 11:48:09 +03:00

Author

Owner

Copy link

@Cyber3x commented on GitHub (Apr 23, 2025):

https://github.com/karakeep-app/karakeep/issues/392#issuecomment-2400545441 Exact same problem and solution here. It would be nice to see this working, is there a way to report this bug to mozzila in order to get it fixed?

<!-- gh-comment-id:2824421139 --> @Cyber3x commented on GitHub (Apr 23, 2025): https://github.com/karakeep-app/karakeep/issues/392#issuecomment-2400545441 Exact same problem and solution here. It would be nice to see this working, is there a way to report this bug to mozzila in order to get it fixed?

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

refactor/use-npm-singlefile

onetab

claude/issue-2596-20260321-1401

claude/fix-docs-button-responsive-V3aBQ

claude/review-import-backpressure-D4ArJ

claude/fix-archived-bookmarks-mobile-P9OJW

claude/issue-1189-20260211-1601

claude/fix-nested-smart-lists-3uFkt

claude/issue-2298-20251223-1704

feat/import-v3

claude/add-cli-search-subcommand-6kIe0

claude/add-bookmark-indexing-timestamps-96bPj

claude/auto-disable-failing-feeds-fkDhP

claude/add-tag-search-aliases-HzESD

feat/docker-compose-dev

claude/add-attachedby-tags-endpoint-01WYfemMGHJJjXsPYLvUJAno

claude/fix-crawler-memory-leaks-NE7Ct

bookmark-debugger

claude/issue-2352-20260106-1120

claude/issue-1977-20260102-2348

claude/add-banner-rendering-JeLUk

claude/add-descendant-qualifier-cUm26

claude/skip-metadata-refresh-archives-CAo4Y

claude/fix-archive-pending-banner-pAyGM

claude/add-embeddings-support-h2swV

claude/nested-manage-lists-QVV85

claude/privacy-type-system-MG1bT

claude/add-action-menu-icons-6hNKw

claude/issue-2299-20251223-1711

claude/bookmark-indexing-progress-QwZSI

claude/migrate-bookmark-attachments-3O2te

claude/add-2025-wrapped-feature-tIUIh

claude/improve-ai-settings-design-639tq

claude/add-youtube-metascraper-plugin-0lWC7

claude/add-problem-reporting-gSSEV

claude/add-mobile-list-menus-spcS7

claude/shadcn-bookmark-cards-WWHzP

claude/add-extensions-link-HTeXc

claude/add-onboarding-screens-hsYMO

claude/fix-settings-switch-overflow-nlzM4

claude/clamp-bookmark-titles-diAEz

claude/port-stats-mobile-expo-MuXAn

claude/whats-new-base-version-vrv8C

claude/fix-settings-auth-checks-jgyD8

claude/add-server-version-display-3sGa2

claude/fix-tag-editor-scrolling-rzdbG

claude/add-company-pricing-card-y5mHY

claude/audit-optimize-transactions-xpDVc

codex/ensure-consistent-ui-experience-across-app-pages

claude/plan-opentelemetry-integration-01Jx183mz1Ev8h8JoYj97Auw

libsql

db-indicies

claude/export-import-lists-01UuCWwdaqduAd35NppvjnMD

claude/configurable-worker-timeout-0198GQh6YrrRzqG62xnogyrz

claude/check-import-quota-01CPdxTpHp18Ba62bYcBTVbA

claude/scraper-worker-thread-01FEHen6MGrQHmdBstJSuiyA

claude/customize-dialog-styling-01CVjEv2KgyZJSpCg3mqkvR7

claude/add-asset-cache-headers-0175WhNcqwiwurrmjj52jnLT

claude/add-db-search-plugin-017Xxd4Jq3MfjWT788vgfbaq

benchmarks-2

claude/add-filtered-deletion-01DTxWNcg3hhqdNpeNLa3s6L

claude/actionbutton-loading-spinner-015DY5ZTvgPgFAXTZz3UGaYv

claude/add-broken-links-qualifier-01S31X1LsKiYb9gE1dXTKvi3

claude/docker-release-tag-trigger-01UmzFXEumhK2jdmRGtMcueo

claude/spread-feed-fetch-scheduling-01EihUtmZSyqeE1HfRMessxW

restate-idempotency

claude/align-android-ios-colors-01GJfkhEyZVBReohVioPa8ok

claude/improve-mobile-app-colors-0155LzHfkd5HyJr6YyZMsus5

codex/add-autocomplete-for-search-query-language

claude/add-bookmark-backups-016L2A8Z94n7tDgDdMPdFuAd

claude/restrict-binary-user-permissions-01FSGyy2RXGZvE26YbAejzGi

effect-ts

claude/prepare-trpc-npm-publish-0193EjfwpxSNVNcLXqXjs6Ln

shared-list-sidebar

claude/lazy-load-tiktoken-017UTNpJPTcMMQvNEBa1aFwo

codex/fix-asset-pre-processing-worker-abort-signals

add-groupid

claude/add-bookmark-list-button-01VF7uXYNLsVDzqdozWMXP5M

claude/extract-shared-ui-components-01DSVfaCr6WRqAyx1vJTZk9r

claude/migrate-shadcn-sidebar-01DKjpg9MD5PJ2potemSnbvW

claude/add-collaborators-rate-limits-01VjXyRWWPUkGQKa8d8D8qKj

claude/modernize-dark-mode-01FRfE81PAY5C44pFu1cYocf

claude/add-signed-url-bookmark-01PjYT1ZhvLK2FPJNTAhJsWf

restate-group-id

claude/add-highlights-page-012vhHpn8fVNp3gf7gBeW14s

claude/disable-shared-bookmark-features-01B9fiGUdu6NyWaxSQFsQBxP

claude/mobile-bookmark-grid-layouts-018cGBBMhPJVq6PJVRBpqT2r

claude/add-mobile-bookmark-summary-01494LYoh4sJW5Fj4GPm62Vj

claude/add-mobile-tags-screen-01WRADt4ZzvXVew1Y9vqF8SV

claude/add-highlight-notes-01LpanRLS4a2YMnT1qB5GTqX

claude/add-search-bar-014k2ngaqjwYRVSvqmbuECqr

claude/hide-collaborator-emails-01TQrkkMupC7CR9BTuDkireg

claude/list-invitation-approval-0129V89M1riXW6JqmoF74VfM

claude/add-bookmark-archive-sort-018VbGPGvtmsGgXFEERoAX7B

claude/add-mobile-smart-lists-01251tYo9u1SywE6XFezAv9e

claude/bookmark-drag-drop-01DmWq286ogHpDGHKcXjKr3z

claude/add-rss-import-01DH1Q2axcDeq8nQJR5MWjPJ

claude/mobile-inapp-browser-auth-01KiT6bwyntRPQ1X4oTtAveC

claude/offline-mode-react-query-01D1rE2bdBEPw2teGqunr5Gd

claude/add-singlefile-extension-support-01BEB9QQZABzwfZDvR9Bz5b2

claude/custom-list-slugs-01VxcfkNUXZ97FNpNVURopMq

claude/issue-2148-20251118-1133

claude/add-groupid-queue-fairness-011CV1r8Wb46HuGAg5o95i3m

claude/hide-viewer-shared-lists-01Fst6NBvdxrXXnDhUmjsNDP

claude/collaborative-lists-013AvDvMqkoszDVcSoCYgBcM

claude/implement-feature-01LT5XzGsbEhZkYXNEjEwdui

claude/fix-bookmark-loading-state-01AgF4H2drxwuTCJDB2Xgiu4

claude/admin-user-edit-013tbiRmb1KX2fhSYqmGKCu8

claude/expose-all-api-01YTruEW72WQYMtq4iZoaPkA

claude/add-doc-link-main-016NYLxShpKuH6R8XCBgeZtc

claude/fix-issue-2133-019JLvdSRAUbU4FtjQztcM6S

claude/explore-effect-ts-integration-01F7xb1dWwP1ma4LnLbFGfDD

claude/optimize-dockerfile-build-011CV5gDnPZbdbbVSPDofC4e

claude/add-custom-headers-guide-011CV249t16aWDRb1mCrzQdC

claude/mobile-app-signup-011CUxPtCXgU6U3T8GShTR2Q

claude/crawler-worker-fetch-browser-011CUvcRc24XEr9DTWDW6MX8

claude/fix-issue-784-011CUvubQrcZHG9S3KjpCKbK

codex/add-user-settings-for-inference-language-and-screenshots

claude/fix-mobile-signin-server-address-011CUnaUWwY2Fhq5Xbwhgr8H

better-auth-2

claude/issue-2028-20251012-1429

claude/issue-1010-20251012-1154

codex/update-feed-refresh-job-idempotency-key

restate

import-v2

fix-public-lists

recurse-delete-list

abort-dangling-processing

tag-pagination

ratelimit-plugin

claude/issue-1937-20250914-0912

codex/implement-title-search-query-qualifier

copilot/add-edit-button-for-notes

cookie-path

ai-tag-cleanup

codex/add-allowlist-and-blocklist-env-variables

mobile-retheme

expo-next-upgrade

opencode/issue1788-20250727215611

fix-trailing-slash-deduplication

edit-bookmark-dialog

bookmark-embeddings

rag

nextjs-15

bookmark-hover-bar

sapling-pr-archive-MohamedBassem

track-bookmark-assets

json-cli

admin-settings

mobile-dark-mode

android/v1.9.2-0

ios/v1.9.1-1

android/v1.9.1-0

ios/v1.9.1-0

ios/v1.9.0-2

ios/v1.9.0-1

android/v1.9.0-1

extension/v1.2.9

cli/v0.31.0

sdk/v0.31.0

mcp/v0.31.0

android/v1.9.0-0

ios/v1.9.0-0

v0.31.0

android/v1.8.5-0

cli/v0.30.0

sdk/v0.30.0

ios/v1.8.4-0

android/v1.8.4-0

v0.30.0

cli/v0.29.1

v0.29.3

v0.29.2

v0.29.1

sdk/v0.29.0

cli/v0.29.0

mcp/v0.29.0

ios/v1.8.3-0

android/v1.8.3-0

extension/v1.2.8

v0.29.0

android/v1.8.2-2

android/v1.8.2-1

ios/v1.8.2-0

android/v1.8.2-0

extension/v1.2.7

android/v1.8.1-0

ios/v1.8.1-0

v0.28.0

cli/v0.27.1

cli/v0.27.0

v0.27.1

sdk/v0.27.0

v0.27.0

android/v1.8.0-1

ios/v1.8.0-1

mcp/v0.26.0

sdk/v0.26.0

v0.26.0

cli/v0.25.0

ios/v1.7.0-1

mcp/v0.25.0

v0.25.0

extension/v1.2.6

ios/v1.7.0-0

android/v1.7.0-0

v0.24.1

v0.24.0

mcp/v0.23.10

mcp/v0.23.9

mcp/v0.23.8

extension/v1.2.5

mcp/v0.23.7

mcp/v0.23.6

mcp/v0.23.5

mcp/v0.23.4

sdk/v0.23.2

cli/v0.23.0

extension/v1.2.4

android/v1.6.9-1

ios/v1.6.9-1

v0.23.2

v0.23.1

sdk/v0.23.0

v0.23.0

ios/v1.6.9-0

sdk/v0.22.0

v0.22.0

android/v1.6.8-0

ios/v1.6.8-0

sdk/v0.21.2

sdk/v0.21.1

sdk/v0.21.0

v0.21.0

cli/v0.20.0

v0.20.0

ios/v1.6.7-4

android/v1.6.7-4

ios/v1.6.7-3

android/v1.6.7-3

android/v1.6.7-2

ios/v1.6.7-2

android/v1.6.7-1

ios/v1.6.7-1

ios/v1.6.7-0

android/v1.6.7-0

v0.19.0

android/v1.6.6-0

android/v1.6.5-0

ios/v1.6.5-0

ios/v1.6.4-0

android/v1.6.4-0

v0.18.0

v0.17.1

v0.17.0

ios/v1.6.3-0

android/v1.6.3-0

extension/v1.2.3

ios/v1.6.2-1

android/v1.6.2-1

ios/v1.6.2-0

android/v1.6.2-0

v0.16.0

ios/v1.6.1-3

android/v1.6.1-3

ios/v1.6.1-2

android/v1.6.1-2

android/v1.6.1-1

ios/v1.6.1-1

android/v1.6.1-0

ios/v1.6.1-0

extension/v1.2.2

android/v1.6.0-1

ios/v1.6.0-1

ios/v1.6.0

android/v1.6.0

cli/v0.13.7

cli/v0.13.6

v0.15.0

cli/v0.13.5

extension/v1.2.1

v0.14.0

cli/v0.13.3

cli/v0.13.2

cli/v0.13.1

cli/v0.13.0

v0.13.1

v0.13.0

mobile-v1.5.0

mobile-v1.4.0

v0.12.2

v0.12.1

v0.12.0

v0.11.1

v0.11.0

v0.10.1

v0.10.0

v0.9.0

v0.8.0

v0.7.0

v0.6.0

v0.5.0

v0.4.1

v.0.4.0

v.0.3.1

v0.3.0

v0.2.2

v0.2.1

v0.2.0

v0.1.0

Labels

Clear labels   

UI/UX

  

android

  

bug

  

dependencies

  

documentation

  

documentation

  

extension

  

feature request

  

feature request

  

good first issue

  

ios

  

long-term

  

performance

  

pri/high

  

pri/low

  

pri/medium

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

status/approved

  

status/icebox

  

status/pending_clarification

  

status/untriaged

No labels

UI/UX

android

bug

dependencies

documentation

documentation

extension

feature request

feature request

good first issue

ios

long-term

performance

pri/high

pri/low

pri/medium

pull-request

question

status/approved

status/icebox

status/pending_clarification

status/untriaged

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/karakeep#257

No description provided.