Mika-/torrent-control

JSON.parse error when adding torrent.

Closed this issue · 7 comments

Suddenly keep getting this error, have tried from a few different trackers and restarting my client.

Screenshot 2024-10-31 at 18 18 19

Firefox 132.0 (MacOS)
Torrent Control 0.2.41
Transmission 4.0.5 (Linux/Docker)

Mika- commented

That likely happens when Transmission returns unknown response on login.

Can you include more info about those requests? You can view them by opening debugger (Menu > Addons > Gear icon > Debug Addons > Inspect on Torrent Control) newly made requests show up in the Network tab.

That likely happens when Transmission returns unknown response on login.

Can you include more info about those requests? You can view them by opening debugger (Menu > Addons > Gear icon > Debug Addons > Inspect on Torrent Control) newly made requests show up in the Network tab.

This is the error response:

409: Conflict

Your request had an invalid session-id header.

To fix this, follow these steps:

    When reading a response, get its X-Transmission-Session-Id header and remember it
    Add the updated header to your outgoing requests
    When you get this 409 error message, resend your request with the updated header

This requirement has been added to help prevent [CSRF](https://en.wikipedia.org/wiki/Cross-site_request_forgery) attacks.

X-Transmission-Session-Id: 

Request Headers:

POST /transmission/rpc HTTP/2
Host: user.bt.l.def.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
content-type: application/json
Content-Length: 66112
Origin: moz-extension://0c0e2c01-c253-4e84-a935-4f960a7484c6
DNT: 1
Sec-GPC: 1
Authorization: Basic 
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=4
TE: trailers

Response headers:

HTTP/2 409 
access-control-allow-origin: *
access-control-expose-headers: X-Transmission-Session-Id
content-type: text/html; charset=ISO-8859-1
date: Thu, 31 Oct 2024 22:20:49 GMT
server: Transmission
x-transmission-session-id: 
content-length: 581
Mika- commented

I expect that x-transmission-session-id response header has some value that you redacted? So that looks right. What does the next request look like?

Both requests appear to be identical. In the second request, the same response with status 409 is returned. The request headers in the second response do not include a x-transmission-session-id value.

Heres the actual content of the request header in the 2nd request, in case I missed something:

POST /transmission/rpc HTTP/2
Host: user.bt.l.def.au
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
content-type: application/json
Content-Length: 37096
Origin: moz-extension://0c0e2c01-c253-4e84-a935-4f960a7484c6
DNT: 1
Sec-GPC: 1
Authorization: Basic ZGViaWFuOnYzOGJUOVRVckh5VTkzeGtMdnBocVZKNjk=
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=4
Mika- commented

Just noticed you have http 2 reverse proxy that causes response header names to be normalized to lower case. Handling that is now fixed in the latest version.

All good now! I didn't suspect adding a proxy to be the issue, as I put transmission behind the proxy months ago. Weird that it took this long to cause issues.