At some point in the last 2 days internal URLs stopped oneboxing on my instance. I’m up to date with tests-passed as of 1:15 AM EST 6/9/17.
There are the errors I’m seeing in the console when a post with an internal URL is loaded. There do not appear to be any related errors in /logs.
I am unable to reproduce the problem. Are you using any onebox plugin?
Nope. No non-official plugins.
Can you repro this on meta or try?
Nope. Hence support and not bug. Hoping there might be suggestions on why, and how to troubleshoot.
Edited OP to be clearer.
I can reproduce the same problem even for external URL below. It returns same ‘404 not found’ error.
As it mentioned in another topic
Sorry I am not following, what does that external URL have to do with this report of internal (discourse) URL oneboxing issues?
While I was about to say the same thing - I think the point is I’m getting a very similar console error here on Meta with that link.
Is there any chance there’s some sort of regression going on here?
Possible, @eviltrout will need to look tomorrow
I am trying to say it looks like the problem is randomly happening in some URLs. In both topics it returning the same error. So it might be same issue.
I seem to recall that private topics don’t work for oneboxing - is that the issue you are experiencing with internal links?
That said, I can confirm I am getting identical 404 errors in the console for both internal links (linking to private topics in a private category) and namati.org links.
While my site is login required (and SSO), internal oneboxes definitely worked before. And the error above comes from a link to a “public” category.
It’s normal for onebox to return the 404 error you’re seeing in the console above if it can’t retrieve the onebox, so I don’t think the error for internal oneboxes is the same as the external one.
I need better steps to reproduce this internal issue. (The external one linked before is good for me to investigate)
I don’t really have any more details at the moment. I’ll see what the results of your investigation with the external link are, then see if I need to get you more detail.
I already replied in there - it’s due to the User Agent being blacklisted somehow. I don’t think it’s related.
Oh darn…
Well, here’s what I’ve got: it stopped working sometime in the last few days - it definitely worked previously as there are internal link oneboxes all over the forums. Nothing should have changed network wise on our end, but I’m reaching out to IT to check. External oneboxes (at least to other Discourse sites) still works.
I’m open to ideas/questions…
When you say internal link, are you referring to links by IP address or internal hostnames? Because a recent security features is meant to disable SSRF attacks by ensuring redirects are to external services.
It’s possible we don’t see it here because external links resolve to a different IP than internal ones. If your network infrastructure is resolving the outer hostname to an internal IP internally that could cause it to stop working.
Internal hostnames. Pasting a link in the form of https://forums.mydomain.com/t/name-here/id-here.
Just to be clear, forums.mydomain.com are visible from the outside world? Or just internally?
Well, they redirect to another subdomain for auth, but yes, they’re visible.
IT just said “yes”, and “one sec”.
