Description
Describe the bug
I am experiencing a similar issue to #667 - this variant seems to be connected to how the user logs in (email+password VS google connector).
Details:
- Users who login with username and password see images in questions and answers OK
- Users who login with Google (using the google connector plugin) do not see the same images (instead they get the 403 error, same as picture not diplay normally #667)
Additional info:
- If a non-existing user logs in with google (so their account is created at that moment), they can not see the image. If they log out, the admin sets a password for them and they log back in with email and password, the can see the image.
- If a user is created with email and password and logs in with email and password they can see the image. If they log out and log in with google, they can not see the image anymore.
- A user who cannot see the image is not able to see it both in the posts and directly accessing the URL (redirect to 403)
- Regarding cookies: I observed that if the same user logs in with email+password first receives a certain cookie visit=UID. Using curl with this cookie retrieves the image OK (HTTP 200). If the user logs out and back in with Google they keep the same cookie, but now the same curl command fails (302 to the 403 page).
- Sometimes, if the user logs in with email+password, logs out and back in with google, the image seems to load ok, but it's only "cached", and after a few refresh/cache clean/Shift+R it gets back to the usual erorr 403. Curl instead seems to fail immediately
- All behaviors are reproduceable in Chrome and Firefox on multiple PCs
To Reproduce
Steps to reproduce the behavior:
- Login using google authenticator (either on a new account or on an account previously created with email+password)
- Open a question (possibly posted by another user, not sure if the same problem is present with images posted by the same account) with an image in the body
- Observe that the image is broken
- Try to open the image directly via its URL -> get a redirect to 403 error page
Expected behavior
All users should be able to see all images as long as they are logged in correctly.
Screenshots
Example of broken image in the post body:
Example of 403 redirect when accessing the image URL directly.
Platform
- Device: Desktop
- OS: Debian 12 Bookworm
- Browser and version: Verified in both Chrome and Firefox
- Version: latest (1.5.0) - Installed with docker (can provide docker and configuration files if necessary)
Tagging @LinkinStars to continue the previous interaction.
Metadata
Metadata
Assignees
Labels
Type
Projects
Status
Done