Behind corporate proxy - Draft/DrawIO 419 Expired #1470

New Issue

OVERLORD · 2026-02-05T01:00:02+03:00

OVERLORD commented

2026-02-05 01:00:02 +03:00

Originally created by @qerim on GitHub (Dec 3, 2019).

Experiencing this issue when I attempt to save a DrawIO drawing, or when drafts are saved in the background.

I am sitting behind a corporate proxy.
If I set windows to not use the proxy for the Bookstack domain, then it works all fine.

Is there anyway to set this up on the application side?

The response is:

The page has expired due to inactivity.
Please refresh and try again.

DrawIO Save (POST) or Draft Save (PUT)

Request URL:http://mydocs.domain.co.uk/images/drawio
Request method:POST
Remote address:10.3.1.45:3128
Status code:
419
Version:HTTP/1.1
Referrer Policy:no-referrer-when-downgrade

Response headers (630 B)

Raw headers
Cache-Control	
no-cache, private
Connection	
keep-alive
Content-Type	
text/html; charset=UTF-8
Date	
Tue, 03 Dec 2019 11:48:27 GMT
Server	
nginx
Set-Cookie	
bookstack_session=eyJpdiI6Ilhk…ax-Age=7200; path=/; HttpOnly
Transfer-Encoding	
chunked
X-Cache	
MISS from proxynode03
X-Cache-Lookup	
MISS from proxynode03:3128

Request headers (1.525 kB)

Raw headers
Accept	
*/*
Accept-Encoding	
gzip, deflate
Accept-Language	
en-GB,en;q=0.5
baseURL	
http://mydocs.domain.co.uk/
Cache-Control	
no-cache
Connection	
keep-alive
Content-Length	
2770
Content-Type	
application/json
Cookie	
_pk_id.3.c199=1041443ad1326db1…Tg2MWZjMjQ5YmZhMGJmNGQzIn0%3D
Host	
mydocs.domain.co.uk
Origin	
http://mydocs.domain.co.uk
Pragma	
no-cache
Referer	
http://mydocs.domain.co.uk/books…test/page/first-test-page/edit
User-Agent	
Mozilla/5.0 (Windows NT 10.0; …) Gecko/20100101 Firefox/70.0
X-CSRF-TOKEN	
aymLSRktZslsXfEdoFlT3BfiK4uMMInYOyOrpwIA

Originally created by @qerim on GitHub (Dec 3, 2019). Experiencing this issue when I attempt to save a DrawIO drawing, or when drafts are saved in the background. ![image](https://user-images.githubusercontent.com/3625009/70049559-d6d0c180-15c4-11ea-9393-457807d452e5.png) I am sitting behind a corporate proxy. If I set windows to not use the proxy for the Bookstack domain, then it works all fine. ![image](https://user-images.githubusercontent.com/3625009/70049670-15667c00-15c5-11ea-9d8d-1e2cf56b4154.png) Is there anyway to set this up on the application side? The response is: The page has expired due to inactivity. Please refresh and try again. ## DrawIO Save (POST) or Draft Save (PUT) Request URL:http://mydocs.domain.co.uk/images/drawio Request method:POST Remote address:10.3.1.45:3128 Status code: 419 Version:HTTP/1.1 Referrer Policy:no-referrer-when-downgrade #### Response headers (630 B) Raw headers Cache-Control no-cache, private Connection keep-alive Content-Type text/html; charset=UTF-8 Date Tue, 03 Dec 2019 11:48:27 GMT Server nginx Set-Cookie bookstack_session=eyJpdiI6Ilhk…ax-Age=7200; path=/; HttpOnly Transfer-Encoding chunked X-Cache MISS from proxynode03 X-Cache-Lookup MISS from proxynode03:3128 #### Request headers (1.525 kB) Raw headers Accept */* Accept-Encoding gzip, deflate Accept-Language en-GB,en;q=0.5 baseURL http://mydocs.domain.co.uk/ Cache-Control no-cache Connection keep-alive Content-Length 2770 Content-Type application/json Cookie _pk_id.3.c199=1041443ad1326db1…Tg2MWZjMjQ5YmZhMGJmNGQzIn0%3D Host mydocs.domain.co.uk Origin http://mydocs.domain.co.uk Pragma no-cache Referer http://mydocs.domain.co.uk/books…test/page/first-test-page/edit User-Agent Mozilla/5.0 (Windows NT 10.0; …) Gecko/20100101 Firefox/70.0 X-CSRF-TOKEN aymLSRktZslsXfEdoFlT3BfiK4uMMInYOyOrpwIA

OVERLORD closed this issue

2026-02-05 01:00:06 +03:00

OVERLORD commented

2026-02-05 01:00:14 +03:00

@ssddanbrown commented on GitHub (Dec 7, 2019):

Hi @qerim,
Sorry to hear you're having issues with this. Might be hard for me to help on this one since it'll be hard for me to replicate the exact proxy setup.

This could happen if cookies were not properly being sent on these requests, but it's hard to tell from the above since the cookie values are truncated.

Are you able to access the BookStack demo (https://demo.bookstackapp.com) site via the proxy? Would be interesting to see if that same happens there.

@ssddanbrown commented on GitHub (Dec 7, 2019): Hi @qerim, Sorry to hear you're having issues with this. Might be hard for me to help on this one since it'll be hard for me to replicate the exact proxy setup. This could happen if cookies were not properly being sent on these requests, but it's hard to tell from the above since the cookie values are truncated. Are you able to access the BookStack demo (https://demo.bookstackapp.com) site via the proxy? Would be interesting to see if that same happens there.

OVERLORD commented

2026-02-05 01:00:16 +03:00

@qerim commented on GitHub (Dec 10, 2019):

@ssddanbrown The demo Bookstack site seems to work well, no issues. I think it's to do with my setup and permissions. I took a look at this: https://github.com/laravel/framework/issues/26106#issuecomment-444723768 . Will try to go over it later and get it working.

I'm closing this as it's clearly not a Bookstack issue. Thanks.

@qerim commented on GitHub (Dec 10, 2019): @ssddanbrown The demo Bookstack site seems to work well, no issues. I think it's to do with my setup and permissions. I took a look at this: https://github.com/laravel/framework/issues/26106#issuecomment-444723768 . Will try to go over it later and get it working. I'm closing this as it's clearly not a Bookstack issue. Thanks.

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#1470