Strange 400 error

[deleted]

I can't seem to clear any notifications - when checking the URL directly (https://discuss.infosecforge.io/api/notifications/read), I see this

{"errors":[{"status":"405","code":"method_not_allowed"}]}

I'm logged in, so should have access ?

A bit more detail from the console

forum-recache-8b5af84207c6a5ad4c3832a645bfe269.js:1 XHR failed loading: POST "https://discuss.infosecforge.io/api/notifications/read".
(anonymous) @ forum-recache-8b5af84207c6a5ad4c3832a645bfe269.js:1
(anonymous) @ forum-recache-8b5af84207c6a5ad4c3832a645bfe269.js:1
m.request @ forum-recache-8b5af84207c6a5ad4c3832a645bfe269.js:1
e.request @ forum-recache-8b5af84207c6a5ad4c3832a645bfe269.js:1
n.markAllAsRead @ forum-recache-8b5af84207c6a5ad4c3832a645bfe269.js:57
L.t.<computed> @ forum-recache-8b5af84207c6a5ad4c3832a645bfe269.js:1

KimYunz

[deleted] are you using prettymail extension?

clarkwinkelmann

[deleted] /api/notifications/read is a POST endpoint, trying to visit it in a normal tab will result in a GET request, causing the method_not_allowed error you see.

To see the error happening with the real POST request, you'll need to take a look at the network tab in the browser development tools. There you will be able to see the response.

Regarding your cache issue it's probably a separate thing. Are you using any kind of proxy (like Cloudflare?).

[deleted]

KimYunz No.

[deleted]

Seems as though this is another caching issue. Clearing the cache solves the problem, but I know for 100% certain it'll be back. Also, when this issue manifests itself, clicking the header title or logo displays old posts, and not the latest ones.

Am I the only one who experiences this ?

[deleted]

clarkwinkelmann yes, I'm using cloudflare, but have a page rule that excludes the entire subdomain where flarum resides.

[deleted]

Coming back here with an update. Disabled Cloudflare completely this time, and waited.....no issues since, so it looks like the issue was being caused by Cloudflare. With REDIS cache, plus the recache extension, the performance increase that CF generated is negated. In fact, CF's TTFB is incredibly high in most cases.

Bottom line - if you want to use Cloudflare, only use it for DNS - you can't fault the speed of TTL, but for anything else, just.....don't, if you are using Flarum and want it to work properly.

[deleted]

So, you suggest to use which of these Cloudflare caching options?

[deleted]

[deleted] None of them. In my case, the only thing that works without issue is

Set all DNS records to no proxy (grey cloud instead of Orange)
Pause Cloudflare on site, which means it only serves DNS

clarkwinkelmann

I never had any issue using Cloudflare. Everything is setup with the defaults, I'm mostly using them for the proxy and DDOS protection.

The only thing that can be safely cached are the assets (css, js and avatars). If Cloudflare starts caching other resources (API or frontend HTML) then it's likely to break.

It would be valuable to find out which cached resources caused your issue so we can identify whether something can be done in our recommended config.

If your server is using Apache with the mod_expires module we have explicit rules that should prevent a proxy over-caching in the .htaccess. In particular json and html are "access plus 0 seconds" https://github.com/flarum/flarum/blob/master/public/.htaccess#L39

If you didn't force Cloudflare to cache those resources (via page rules), maybe your webserver is setup in a way it adds caching headers to outgoing responses that are different from those defined in Flarum's htaccess and nginxconfig? For example if a hosting automatically added caching headers for HTML data, it could mess up with PHP applications behind Cloudflare.

Update: I'm not using Recache, so maybe there's something specific there ? I suppose Recache also adds its own cache headers to some responses.

[deleted]

clarkwinkelmann If you didn't force Cloudflare to cache those resources (via page rules), maybe your webserver is setup in a way it adds caching headers to outgoing responses that are different from those defined in Flarum's htaccess and nginxconfig? For example if a hosting automatically added caching headers for HTML data, it could mess up with PHP applications behind Cloudflare.

A good casing point, but I'm not convinced that this is the case on my VPS. My server also uses mod_expires.

[deleted]

I've started to get this again when attempting to mark all notifications as read - in Chrome / Brave only, it seems. No issues in Firefox, but in Chrome I get "Oops! Something went wrong. Please reload the page and try again" with no logs, and nothing in the console apart from the 400 message pointing to https://forum.phenomlab.com/api/notifications/read.

I can live with this error if it's only me, but I'm not convinced that others aren't getting this message and are being put off as a result.

Anyone else experienced this ? No CF, no re-cache...

tankerkiller125

What version of PHP? I have yet to experience this in both 7.2 (Prod) or 7.3 (Dev)

[deleted]

tankerkiller125 Still an issue for me - I'm able to reproduce it right now - seems browser (Brave) related though. Works fine in Firefox for example.

[deleted]

7.3

Ralkage

[deleted] Brave is based on Chromium, though, it could be very well behind on what release they are using. Have you tested this issue on Google Chrome as well?

[deleted]

Ralkage good point. I think they stay relatively up to date, but aren't as bleeding edge as chromium. I'll need to check