Cannot Save Theme Customizations: 403 Error on PUT


#1

Hey all, using v1.9.0.beta13 +147 and cannot save any theme customizations at all.

This is what gets dumped to console in Chrome when I try to save HTML/CSS customizations anywhere (be it the head, header, etc):

image

If I go to the file that’s giving the 403, it wants to download default.dcstyle.json so it seems to be working.

If I look at those ember_jquery files, I don’t really know what’s breaking, but it seems like line 9176 of that file is a comment??

image

I’m lost with that one! And for the record, I have CloudFlare’s Performance stuff completely disabled for /admin*

Anyone seen this or know how to debug or tell Chrome to chill out?

Thanks in advance!


Webhook Won't Delete: CPU Rails to 100% for 30 Seconds, then 502 Error
(Jeff Atwood) #2

Can you repro this @jomaxro?


#4

As an update, it started working again and I don’t know why. Same browser same server, no reboots or nothin… Part of me still wants to blame CloudFlare. I have no clue.

Update: I asked Jeff to re-open this because it’s still sporadically happening. I upgraded my VPS and that didn’t help. I’ll start digging through the logs when I have time.


(Jeff Atwood) #5

(Jeff Atwood) #6

#9

Another update on this - Disabling CloudFlare’s DNS / CDN part seems to have fixed it:

image

Just disabling their Performance settings wasn’t enough. At least not this time around.

What I hate about this is that it now exposes my server’s IP though. I’m quite confident that CloudFlare and Docker-based Discourse are not playing well together.


#10

This issue is back for me. It’s sporadic and driving me crazy.

I’m running tail -f /var/log/nginx/error.log /var/log/nginx/error.log.1 /var/log/nginx/error.letsencrypt.log /shared/log/rails/unicorn.stderr.log while inside of my web_only container (my data and web containers are separated) and it’s not showing any 403 error.

Are there other logs where the 403 may show up?


#11

For those who ended up here via google:

More likely than not this was cloudflare’s Web Application Firewall. You can check this see this by inspecting the response of that 403: is it it’s html from cloudflare with a captcha inside? If it is, then probably only saving html/javascript customisations give you trouble.

You can switch it off in cloudflare’s Firewall section and that’ll fix your theme customisation 403 problem: