AJAX_ERROR on Dashboard  [SOLVED]

Have you discovered a bug? Tell us about it.
Post Reply
ChiefZA
Posts: 4
Joined: Thu 2. Jun 2022, 10:45

AJAX_ERROR on Dashboard

Post by ChiefZA »

---------------------------------------------------------------------------


I'm sure the cause of the problem is within KeyHelp
(Problems not related to KeyHelp belong in the Offtopic forum)


Ubuntu 20.04
(e.g. Ubuntu 20.04)


KVM
(e.g. none, OpenVZ, KVM, XEN, etc.)


22.0 (Build 2393)



I am receiving an AJAX_ERROR in Service/port monitoring and update information with the error: Failed to retrieve update information.
It is also throwing an AJAX_ERROR for the news tab on the dashboard. Console gives these errors:
AJAX-ERROR
functions.js?v=385251d48450fc342bf98fc99412f3991ca8e6fc:132 Type: parsererror
functions.js?v=385251d48450fc342bf98fc99412f3991ca8e6fc:133 Staus: 200 - parsererror
functions.js?v=385251d48450fc342bf98fc99412f3991ca8e6fc:134 Response:
Invalid session.
functions.js?v=385251d48450fc342bf98fc99412f3991ca8e6fc:131 AJAX-ERROR
functions.js?v=385251d48450fc342bf98fc99412f3991ca8e6fc:132 Type: parsererror
functions.js?v=385251d48450fc342bf98fc99412f3991ca8e6fc:133 Staus: 200 - parsererror
functions.js?v=385251d48450fc342bf98fc99412f3991ca8e6fc:134 Response:
Invalid session.


Expected result


Actual result


Steps to reproduce


It's happening after a fresh install so there wasn't any changes made.
(e.g. recent changes to the server, excerpts from log files (/var/log/*, /var/log/keyhelp/php-error.log, etc.))
l_fish
Posts: 144
Joined: Tue 15. Aug 2017, 11:49

Re: AJAX_ERROR on Dashboard

Post by l_fish »

I can confirm this error (KeyHelp 22.0 (Build 2393) on Debian 11.3 (64-bit)).
ChiefZA
Posts: 4
Joined: Thu 2. Jun 2022, 10:45

Re: AJAX_ERROR on Dashboard

Post by ChiefZA »

Image
Image
Image
User avatar
technotravel
KeyHelp Translator
Posts: 263
Joined: Mon 19. Oct 2020, 11:11

Re: AJAX_ERROR on Dashboard

Post by technotravel »

Not for me:

Debian11 with all latest updates
Keyhelp 22.0 (Build 2393)

So it seems it doesn't affect everybody ...
Chers francophones, je traduis KeyHelp en français. S'il y a des erreurs ou des propositions d'amélioration, n'hésitez pas à me contacter !
(Ich übersetze KeyHelp ins Französische)
User avatar
Florian
Keyweb AG
Posts: 1243
Joined: Wed 20. Jan 2016, 02:28

Re: AJAX_ERROR on Dashboard

Post by Florian »

Hello,

this is no general issue. It also works on my Debian 11 test servers.

Something on your server must block the requests
Mit freundlichen Grüßen / Best regards
Florian Cheno

**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
l_fish
Posts: 144
Joined: Tue 15. Aug 2017, 11:49

Re: AJAX_ERROR on Dashboard

Post by l_fish »

For me it seems to be a browser problem. I get the ajax error only with Brave browser. The ajax call returns a "Invalid session." instead of the correct data in that case.

In Chrome and Firefox the ajax calls are successful. Since Brave is more strict about privacy protection it may handle cookie + ajax a bit different than the other browsers.
User avatar
Alexander
Keyweb AG
Posts: 3810
Joined: Wed 20. Jan 2016, 02:23

Re: AJAX_ERROR on Dashboard

Post by Alexander »

I checked it with Brave Browser and can reproduce the problem. Other Browsers work fine.

Background information: KeyHelp has an anti-session-hijack-mechanism, which ensures that a session cannot be hijacked by an attacker by checking (among other checks) various browser features to see if they are still the same as the last time they the browser performed a request.

The problem now is that Brave seems to be inconsistent when accessing a page directly and when performing an Ajax request. (Specifically: it sends different HTTP_ACCEPT_LANGUAGE headers), which is strange behavior. I will now have to check why they are doing this and how to prevent it....
Mit freundlichen Grüßen / Best regards
Alexander Mahr

**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
User avatar
Alexander
Keyweb AG
Posts: 3810
Joined: Wed 20. Jan 2016, 02:23

Re: AJAX_ERROR on Dashboard  [SOLVED]

Post by Alexander »

I fixed it via the Brave settings:

1) Go to Settings
2) Turn off the fingerprint settings ("Prevent websites from fingerprinting me based on my language settings")

---

I see what they are trying to achieve, but as this is a security feature of KeyHelp (and of course is not for tracking within KeyHelp) I am not planing in changing anything in the behavior of KeyHelp for now.
Mit freundlichen Grüßen / Best regards
Alexander Mahr

**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
l_fish
Posts: 144
Joined: Tue 15. Aug 2017, 11:49

Re: AJAX_ERROR on Dashboard

Post by l_fish »

Alexander wrote: Fri 3. Jun 2022, 10:19 I fixed it via the Brave settings:

1) Go to Settings
2) Turn off the fingerprint settings ("Prevent websites from fingerprinting me based on my language settings")
Confirmed here. Thank you, Alex! :)
ChiefZA
Posts: 4
Joined: Thu 2. Jun 2022, 10:45

Re: AJAX_ERROR on Dashboard

Post by ChiefZA »

I was using Brave browser, and when I tried it on Chrome, the problem disappeared. Wow, good catch.
Post Reply