I’m currently facing a problem while setting up my Indico instance. I’ve successfully set up the instance, and most functions are working properly. However, I’m encountering an issue when trying to remove materials from an event. Whenever I attempt to remove a material, a blank window pops up with only a “Dismiss” button, like this:
I’ve already checked the logs for uWSGI, Indico, and Nginx, but I couldn’t find any relevant information or new entries that could explain the issue. Additionally, I examined the JavaScript error console, but there were no reported errors.
One notable difference between my local setup and the recommended documentation is that we’re using HTTP instead of HTTPS in our Nginx configuration. As a result, we cannot utilize the HTTP/2 option. I’m unsure whether this difference might be causing the problem I described.
If anyone has encountered a similar issue or has any suggestions on how to resolve it, I would greatly appreciate your assistance.
I’m using HTTP/2 on my dev instance myself so that’s unlikely to be the cause. Check your browser’s dev tools for the response on the HTTP request that fails when the error popup shows up.
Maybe you have an overzealous WAF that blocks these requests?
Okay, I tried this using Firefox, and it reported an error with the code “NS_ERROR_NET_INTERRUPT.” Unfortunately, it didn’t provide any additional helpful information about the issue.
Then, I attempted accessing it using Microsoft Edge, and this time it gave me an error with the code “ERR_HTTP2_ERROR.”
I also tried turning off the local firewall, but it didn’t make any difference. Both requests still received no response.
Based on these observations, my suspicion is still that the problem might be related to not using HTTP/2 in the Nginx configuration.
I have an update regarding the issue I mentioned earlier. I am currently using Nginx to deploy my instance, and based on my understanding, there is no Web Application Firewall (WAF) in place.
In an attempt to troubleshoot, I temporarily changed the configuration to use HTTPS and enabled HTTP/2. The problem I mentioned earlier appears to be resolved using this setup. However, it is not practical for us to maintain this configuration permanently.
I’m wondering if there is a way to address this problem without having to switch to HTTPS configuration. If there is any suggestion, please let me know.
Wait, are you saying you are using HTTP/2 without TLS? Unencrypted connections are a bad idea in general, and not something we support (they may or may not work; browsers nowadays restrict some features to secure connections).
Anyway, if you mention config changes I can only take guesses. Maybe you can share the configs here?
Regarding the attempt I mentioned earlier, I used both TLS and HTTP/2 for troubleshooting purposes.
The reason why we do not currently use TLS is that we have another server in place to act as a reverse proxy, which securely transmits requests to our server via the LAN. We believe this setup provides sufficient security. The communication between that server and the browser client is achieved through HTTPS.
You are right. My point was that the end user must be connecting via TLS. Generally it’s good to encrypt inside your local network as well but it’s indeed not strictly needed.
Anyway, sounds like something better suited for a nginx mailing list/forum since the problem seems to be outside the scope of Indico… Disabling http/2 could be an option as well, I don’t think you get any significant benefits from using it between your reverse proxy and Indico’s nginx.
BTW, for debugging you could try to replicate the request with curl (Firefox lets you copy a request with all headers, cookies, etc. as a curl command in the dev tools) - this will likely show you some more details than what a the browser shows you, especially if you switch it to verbose mode.
This typically means the connection was only partially establised.
Are you accessing the instance via you reverse proxy or directly? Is the base URL correctly configured ( check indico.conf → BaseURL )? If you try a direct access to your installation you may get tries to do a https connection directly and that would fail with this symptom. Generally you should access the indico instance only via the configured URL.
Through the reverse proxy, I believe the URL is configured correctly, as most requests to Indico work properly. The error I mentioned earlier only occurs in specific functions.
