Sync Error in 5.0.80

Hey there,
I am experiencing some issues with the current 5.0.80 release. I use webdav to sync my file attachments. Zotero 5.0.80 tells me, that my webdav Server is responding with a HTTP 503 Error, which would not be Zoteros issue.

The problem is, that on other machines and even on the same machine the same sync with the same library and the same file works fine under 5.0.77. I have both versions installed and made a copy of the Zotero-Folder before upgrading.

Does anyone have an idea why this is happening?

DEBUG ID 43399149
  • Can you provide a Debug ID for the sync attempt? You provided a Report ID.
  • Oh sorry, my mistake.

    Is there any other way? My password is in clear-text in the Output (in the URL of the Error message), I would prefer not to send that to anyone.

    I can send you version with the passwords removed via Mail or post it here, if that helps
  • You can email a redacted version to support@zotero.org with a link to this thread.

    (Passwords are generally removed from the output automatically. We'll see if we're able to hide it for the one you're experiencing.)
  • Perfect, thank you.
  • That's odd, but your best bet it to check the server logs to see why it's returning a 503 for the GET request for the ZIP.
  • edited December 10, 2019
    The Server Error I am getting, when trying to download a file in 5.0.80 is:

    "Exception":"Sabre\\DAV\\Exception\\NotAuthenticated","Message":"No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured"

    That does not appear, when I download a file with 5.0.77

    The full message of the webdav log is (with a redacted middle part of the IP):
    {"reqId":"SP8MoRWX2TFoeRLZUEpc","level":0,"time":"2019-12-10T10:12:07+00:00","remoteAddr":"2a02::93ce","user":"--","app":"webdav","method":"GET","url":"\/nextcloud\/remote.php\/webdav\/zotero\/3VHY352J.prop","message":{"Exception":"Sabre\\DAV\\Exception\\NotAuthenticated","Message":"No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured","Code":0,"Trace":[{"function":"beforeMethod","class":"Sabre\\DAV\\Auth\\Plugin","type":"->","args":[{"absoluteUrl":"http:\/\/lerhard.ddns.net\/nextcloud\/remote.php\/webdav\/zotero\/3VHY352J.prop","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]},{"file":"\/var\/www\/html\/nextcloud\/3rdparty\/sabre\/event\/lib\/EventEmitterTrait.php","line":105,"function":"call_user_func_array","args":[[{"autoRequireLogin":true,"__class__":"Sabre\\DAV\\Auth\\Plugin"},"beforeMethod"],[{"absoluteUrl":"http:\/\/lerhard.ddns.net\/nextcloud\/remote.php\/webdav\/zotero\/3VHY352J.prop","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]]},{"file":"\/var\/www\/html\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Server.php","line":466,"function":"emit","class":"Sabre\\Event\\EventEmitter","type":"->","args":["beforeMethod",[{"absoluteUrl":"http:\/\/lerhard.ddns.net\/nextcloud\/remote.php\/webdav\/zotero\/3VHY352J.prop","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]]},{"file":"\/var\/www\/html\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Server.php","line":254,"function":"invokeMethod","class":"Sabre\\DAV\\Server","type":"->","args":[{"absoluteUrl":"http:\/\/lerhard.ddns.net\/nextcloud\/remote.php\/webdav\/zotero\/3VHY352J.prop","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]},{"file":"\/var\/www\/html\/nextcloud\/apps\/dav\/appinfo\/v1\/webdav.php","line":80,"function":"exec","class":"Sabre\\DAV\\Server","type":"->","args":[]},{"file":"\/var\/www\/html\/nextcloud\/remote.php","line":163,"args":["\/var\/www\/html\/nextcloud\/apps\/dav\/appinfo\/v1\/webdav.php"],"function":"require_once"}],"File":"\/var\/www\/html\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Auth\/Plugin.php","Line":168,"CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (X11; Linux x86_64; rv:60.0) Gecko\/20100101 Firefox\/60.0","version":"17.0.1.1"}

  • I have to correct myself: The 5.0.77 also outputs the message

    - only significant difference is the user-agent: "Mozilla\/5.0 (X11; Linux x86_64; rv:52.0) Gecko\/20100101 Firefox\/52.0"

    The difference remains: 5.0.77 works either way, 5.0.80 does not
  • You're saying you're seeing the "Sabre\\DAV\\Exception\\NotAuthenticated" exception logged for requests from 5.0.77 too? If so, you would really need to debug this on the server end to find an error message specifically for the 503. An authentication error shouldn't cause that.

    In any case:
    [JavaScript Error: "NS_ERROR_FAILURE: Couldn't decrypt string" {file: "jar:file:///usr/lib/zotero/omni.ja!/components/crypto-SDR.js" line: 179}]
    If you move the cert8.db/cert9.db and key3.db/key4.db files out of the Zotero profile directory, restart Zotero, and then reenter your sync credentials, is this error still logged in Zotero?
  • The JavaScript Error remains after removing the four cert[3,4,8,9].db files and reinserting the credentials. it appears in both versions at the program startup.

    (in 5.0.77 it is line 146 instead of 179)

    I dug a bit deeper into the HTTP Packets that are sent between nextcloud-webdav and zotero. It seems the problem indeed lies in the user-agent and the cookies that are exchanged between the two during the HTTP requests.

    The sync between zotero and nextcloud works, if I set nextcloud to debug mode, because then it skips some cookie-checks apparently. (It seems to relate to CSFR-checks).

    Here are some related links:
    https://github.com/keeweb/keeweb/issues/1172
    https://github.com/nextcloud/server/issues/7344
    https://github.com/nextcloud/server/issues/2099

    Fix (or workaround) for people interested:
    add '/^Mozilla/'
    to the list of incompatible user-agents, as shown in https://github.com/nextcloud/server/issues/2099#issuecomment-274586973
  • Weird. 5.0.78 included an upgrade of the Firefox framework Zotero is based on, so I imagine something changed there with regard to cookie handling, but what NextCloud is doing is bizarre and arguably incorrect, so I think we're not going to worry about this unless we receive other reports. (I haven't tested this to see exactly what's happening, but it sounds like one solution would be to make sure Zotero isn't sending any cookies with the WebDAV requests.)
  • I totally agree. If i can be of any help with that, just let me know.

    In any case, thank you very much for your time and keep up the good work !
  • I have what seems to be exactly the same error described above. Latest Zotero giving 503 error when downloading files from NextCloud, but copy/pasting the very same link with password that appears in the error message in a browser works fine and the file downloads easily.

    Unfortunately, I don't fully manage my NextCloud, so I'm afraid I can't apply the workaround above. I understand NextCloud may be to blame here, but looking at that GitHub issue it looks like they are not going to change their approach there. Is there anything I can do from Zotero's side to make this work?
  • I should add that this issue emerges with fresh installs only, and does not appear if you update.

    So if you have a fully synced backup (and if you're making a fresh install, this is very likely the case), it is possible to use this workaround:

    1. install Zotero 5.0.77

    https://download.zotero.org/client/release/5.0.77/Zotero-5.0.77_linux-x86_64.tar.bz2

    2. Set up webdav and sync.

    3. Restart. Zotero will update automatically, and webdav will work fine even after the upgrade to 5.0.80.

    I think this explains why this issue has not yet touched all the users that it could have, as many are simply updating from previous versions.

    But this is due to emerge more and more often, so I still feel it would be nice for this to be fixed from Zotero's side
  • @giocomai: That wouldn't be a fix — that would just sync all files before you upgraded. Once there was another file download to make, you'd likely get the same error.

    In any case, I don't have a NextCloud installation to test this against, but I'm hoping this is fixed in the latest Zotero beta. @lerhard, @hklemens, and others experiencing this, you can try that version and let me know if you still have trouble with new downloads.
  • Great to hear this should be fixed. But to clarify: no, whatever the reason, the issue appeared only with a fresh install of 5.0.80. After setting everything up with a previous version (5.0.77), then updating, things still work fine: upload and download via webdav continue to function normally.
  • @dstillman I still get the same error with 5.0.81-beta.12+5a1e32961
    5.0.77 works fine, sync option for download files set to "on demand"
    updated to 5.0.8 (within Zotero), get a HTTP 503 error
    installed the beta version, get the HTTP 503 error
    will go back to 5.0.77 now
  • Can someone provide either 1) a log of full HTTP requests and responses leading up to this error (with the Authorization header x'ed out) or 2) a test login to a NextCloud server that we can use to try to reproduce this ourselves? Either of those can be emailed to support@zotero.org with a link to this thread.

    NextCloud's behavior here is totally bizarre, so we can't spend a lot more time on this, but if someone can help us see exactly what's happening we can try to fix it.
  • Just sent account details to support@zotero.org. Thanks for your time and patience
  • I don't see why this should make a difference, but perhaps worth adding that on desktop I'm on Linux (Fedora 31)
  • Just wanted to add that I am getting the error in 5.080 with Nextcloud. After downgrading to 5.77 (after reading the above forum), I was able to successfully sync with my personal nextcloud instance.
  • I believe this is fixed in Zotero 5.0.81, available now. (Thanks for providing the test login, @giocomai. Feel free to delete that account.)

    We're no longer sending any cookies for WebDAV requests, which seems to avoid this misguided attempt at a security feature in Nextcloud.
Sign In or Register to comment.