Skip to content
This repository has been archived by the owner on Jul 28, 2024. It is now read-only.

Configuration Warnings #36

Open
asmitconsulting opened this issue Oct 17, 2018 · 4 comments
Open

Configuration Warnings #36

asmitconsulting opened this issue Oct 17, 2018 · 4 comments

Comments

@asmitconsulting
Copy link

The following warnings will be displayed on my NAS after successful installation:

  • Your web server is not configured correctly to resolve "/.well-known/caldav". For more information, see the documentation.
  • Your web server is not configured correctly to resolve "/.well-known/carddav". For more information, see the documentation.
  • The "Referrer-Policy" HTTP header is not set to "no-referrer", "no-referrer-when-downgrade", "strict-origin" or "strict-origin-when-cross-origin". This allows reference information to be disclosed. See the W3C recommendation.
    How can these be fixed or could you correct the configuration in the same way?
    Thank you
@yeoldegrove
Copy link
Contributor

The "Referrer-Policy" HTTP header is not set to "no-referrer", "no-referrer-when-downgrade", "strict-origin" or "strict-origin-when-cross-origin". This can leak referer information. See the W3C Recommendation.
This is fixed by the commit in #38.

@PhiGi87
Copy link

PhiGi87 commented Jan 30, 2019

Unfortunately there will be more warnings with every update. Are you so nice to fix the problem? I would be very grateful to you.

@kw90
Copy link

kw90 commented May 6, 2020

The first two warnings seem also to cause the proposed URI for synchronizing with iOS to fail (See issue over at NextCloud documentation GitHub).

Looking at the General troubleshooting documentation and the example Nginx configuration this could be solved by properly setting the .well-known URI for service discovery. Adding the following lines to the Nginx configuration could do the trick

    location = /.well-known/carddav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }

@tutu20120501
Copy link

The first two warnings seem also to cause the proposed URI for synchronizing with iOS to fail (See issue over at NextCloud documentation GitHub).

Looking at the General troubleshooting documentation and the example Nginx configuration this could be solved by properly setting the .well-known URI for service discovery. Adding the following lines to the Nginx configuration could do the trick

    location = /.well-known/carddav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }

U R RIGHT. The warnnings is from here. U must correct it as below:
location = /.well-known/carddav {
return 301 $scheme://$http_host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$http_host/remote.php/dav;
}

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@yeoldegrove @PhiGi87 @kw90 @tutu20120501 @asmitconsulting