Deauthentication not recognised by the client

[jtojnar]

1. Log in to selfoss
2. Delete the PHPSESSID cookie
3. Switch the tag or something, the following error will be produced:

Load list error: parsererror SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data

Alternately, for 3., let selfoss synchronize the data, then a more precise error will be shown:

Could not sync last changes from server: error Forbidden

Ideally, selfoss would show message like “You have been signed out. Log in to continue.”

[Weishaupt]

I guess I experience a similar problem. On multiple clients (using firefox, chrome mobile) I only log in once. When I reopen the page, no login dialogue is shown and the error reads

List load error: error Forbidden

If I'm using a private session, the login page is shown, and the client properly loads the feed items.

I'm on master. This bug must have been introduced since 2.17

[jtojnar]

Yes, it was made worse here. I should have requested for it to be fixed, did not realize it would be so annoying.

[virusmoere]

Still not working for me on the current dev version.

[niol]

Works for me. Can you detail how you make it fail and the corresponding error message?

[virusmoere]

It is enough to delete the PHPSESSID cookie. After that I get the "No items loaded, reload?" message on the site and in the dev tools I can see calls on "https://url/?offset=0&itemsPerPage=50&search=&type=unread&tag=&source=&sourcesNav=false&ajax=true" that are answered with 403 unauthorized - "an error occured".

[niol]

If I login, delete the PHPSESSID cookie, click on a tag or a filter, I get a "your session has expired" red banner and the login screen, as expected.

[virusmoere]

Not for me:

My config.ini for reference:
; see https://selfoss.aditu.de for more information about ; the configuration parameters [globals] db_type=sqlite db_file=data/sqlite/selfoss.db db_host=localhost db_database=selfoss db_username=root db_password= db_port= db_prefix= logger_destination=file:data/logs/default.log logger_level=ERROR items_perpage=50 items_lifetime=30 base_url=https://*** username=*** password=*** salt=*** public= html_title=selfoss rss_title=selfoss feed rss_max_items=300 rss_mark_as_read=0 homepage=unread language=0 auto_mark_as_read=1 auto_collapse=0 auto_stream_more=1 anonymizer= use_system_font= share=gtfpde wallabag= wallabag_version=1 allow_public_update_access=1 unread_order= load_images_on_mobile=0 auto_hide_read_on_mobile=0 env_prefix=selfoss_ camo_domain= camo_key= scroll_to_article_header=1 show_thumbnails=1

[niol]

Can you double check the version you are running and the js version loaded in your browser? Because I cannot find any failure on my setup.

[virusmoere]

I switched back to 2.18 stable as a test, cleared all browser cache and testing with Chrome Dev tools with cache disabled. Same error.

jQuery JavaScript Library v2.2.4
$().jquery "2.2.4"

[niol]

Please ensure latest js by deleting public/all.js and ensuring the new autogenerated file gets loaded by the browser.

[virusmoere]

Still the same :-(

[jtojnar]

Can you change DEBUG to 1 in common.php and look on the response body in the network tools?

[virusmoere]

Sure:

Ein Fehler ist aufgetreten: HTTP 403 (GET /?offset=0&itemsPerPage=50&search=&type=unread&tag=&source=&sourcesNav=false&ajax=true) [vendor/bcosca/fatfree-core/f3.php:39] Base->error() [controllers/Index.php:40] controllers\BaseController->needsLoggedInOrPublicMode() [vendor/bcosca/fatfree-core/base.php:1806] controllers\Index->home() [vendor/bcosca/fatfree-core/base.php:1627] Base->call() [index.php:80] Base->run()