TypeError and Blank Pages #1475

New Issue

Closed

opened 2026-02-05 01:00:36 +03:00 by OVERLORD · 11 comments

OVERLORD commented 2026-02-05 01:00:36 +03:00

Owner

Copy Link

Originally created by @Coolfeather2 on GitHub (Dec 10, 2019).

OS: Ubuntu 18.04 LTS
Bookstack Version: v0.27.5
MySQL Version: 5.7
PHP Version: 7.2

Apache web
Setup using 18.04 Script

---

Any books viewed return as a blank page

Searching is also appears for a few secs and then goes blank, similar to #748

Was working 24 hours ago
Restarted System, no Changes

---

Error from browser console:

TypeError: this.$el.getAttribute is not a function
    at Cn.mounted (VM752 app.js:27)
    at He (VM752 app.js:27)
    at tn (VM752 app.js:27)
    at VM752 app.js:27
    at Cn.$mount (VM752 app.js:27)
    at Cn.$mount (VM752 app.js:27)
    at Cn._init (VM752 app.js:27)
    at new Cn (VM752 app.js:27)
    at X (VM752 app.js:27)
    at Module.<anonymous> (VM752 app.js:27)

Originally created by @Coolfeather2 on GitHub (Dec 10, 2019). **OS:** Ubuntu 18.04 LTS **Bookstack Version:** v0.27.5 **MySQL Version**: 5.7 **PHP Version:** 7.2 Apache web Setup using 18.04 Script --- Any books viewed return as a blank page Searching is also appears for a few secs and then goes blank, similar to #748 Was working 24 hours ago Restarted System, no Changes --- Error from browser console: ``` TypeError: this.$el.getAttribute is not a function at Cn.mounted (VM752 app.js:27) at He (VM752 app.js:27) at tn (VM752 app.js:27) at VM752 app.js:27 at Cn.$mount (VM752 app.js:27) at Cn.$mount (VM752 app.js:27) at Cn._init (VM752 app.js:27) at new Cn (VM752 app.js:27) at X (VM752 app.js:27) at Module.<anonymous> (VM752 app.js:27) ```

OVERLORD closed this issue 2026-02-05 01:00:40 +03:00

OVERLORD commented 2026-02-05 01:00:46 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Dec 12, 2019):

Hi @Coolfeather2,
Sorry to hear you are experiencing issues.

Does this issue appear on the demo site at all?: https://demo.bookstackapp.com/
Does this occur on a fresh book, With not contents?

@ssddanbrown commented on GitHub (Dec 12, 2019): Hi @Coolfeather2, Sorry to hear you are experiencing issues. Does this issue appear on the demo site at all?: https://demo.bookstackapp.com/ Does this occur on a fresh book, With not contents?

OVERLORD commented 2026-02-05 01:00:52 +03:00

Author

Owner

Copy Link

@Coolfeather2 commented on GitHub (Dec 12, 2019):

Issue does not appear on Demo

Issue does occur on a fresh book, with no content

@Coolfeather2 commented on GitHub (Dec 12, 2019): Issue does not appear on Demo Issue does occur on a fresh book, with no content

OVERLORD commented 2026-02-05 01:00:54 +03:00

Author

Owner

Copy Link

@Coolfeather2 commented on GitHub (Dec 13, 2019):

I can view individual sheets, but as soon as I navigate to the book or edit the page, it goes blank

I can provide screenshots if neccessary

@Coolfeather2 commented on GitHub (Dec 13, 2019): I can view individual sheets, but as soon as I navigate to the book or edit the page, it goes blank I can provide screenshots if neccessary

OVERLORD commented 2026-02-05 01:00:57 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Dec 15, 2019):

Very odd,

• Have you tried viewing in a different browser?
• Have you got any content in the "Custom HTML Head Content" setting in the settings area?
• Have you attempted any custom tweaks to your BookStack instance?

@ssddanbrown commented on GitHub (Dec 15, 2019): Very odd, * Have you tried viewing in a different browser? * Have you got any content in the "Custom HTML Head Content" setting in the settings area? * Have you attempted any custom tweaks to your BookStack instance?

OVERLORD commented 2026-02-05 01:01:00 +03:00

Author

Owner

Copy Link

@Coolfeather2 commented on GitHub (Dec 15, 2019):

• Have you tried viewing in a different browser?
  Currently viewed in Chrome
  Tried:

• Incognito

• Firefox

• Edge - Site is inaccessible as does not support TLS

• IE - Site is inaccessible as does not support TLS

  Issue is still present and has the 1 second where it works

• Have you got any content in the "Custom HTML Head Content" setting in the settings area?
  Nothing in Custom HTML Head Content

• Have you attempted any custom tweaks to your BookStack instance?
  No custom tweaks, but it is running through a nginx proxy -> bluestack apache

@Coolfeather2 commented on GitHub (Dec 15, 2019): - **Have you tried viewing in a different browser?** Currently viewed in Chrome Tried: - [x] Incognito - [x] Firefox - [ ] Edge - Site is inaccessible as does not support TLS - [ ] IE - Site is inaccessible as does not support TLS Issue is still present and has the 1 second where it works - **Have you got any content in the "Custom HTML Head Content" setting in the settings area?** Nothing in Custom HTML Head Content - **Have you attempted any custom tweaks to your BookStack instance?** No custom tweaks, but it is running through a nginx proxy -> bluestack apache

OVERLORD commented 2026-02-05 01:01:03 +03:00

Author

Owner

Copy Link

@Flatlyn commented on GitHub (Dec 23, 2019):

I’m getting this issue too, but on a fresh, first-time install. Every other page works fine, but I can’t create any pages/chapters as click on a book returns a blank page (only the header bar is visible). Console errors are the same as coolfeathers — this.$el.getAttribute is not a function.

No custom header content, or tweaks, literally just installed fresh and this is what’s happening on first visit. It happens on all browsers, but not on the demo site.

Running Ubuntu 18 LTS with PHP 7.2-fpm

@Flatlyn commented on GitHub (Dec 23, 2019): I’m getting this issue too, but on a fresh, first-time install. Every other page works fine, but I can’t create any pages/chapters as click on a book returns a blank page (only the header bar is visible). Console errors are the same as coolfeathers — `this.$el.getAttribute is not a function`. No custom header content, or tweaks, literally just installed fresh and this is what’s happening on first visit. It happens on all browsers, but not on the demo site. Running Ubuntu 18 LTS with PHP 7.2-fpm

OVERLORD commented 2026-02-05 01:01:06 +03:00

Author

Owner

Copy Link

@Coolfeather2 commented on GitHub (Dec 23, 2019):

@ssddanbrown if you would like I can provide the url to my installation for testing via discord

@Coolfeather2 commented on GitHub (Dec 23, 2019): @ssddanbrown if you would like I can provide the url to my installation for testing via discord

OVERLORD commented 2026-02-05 01:01:10 +03:00

Author

Owner

Copy Link

@Flatlyn commented on GitHub (Dec 25, 2019):

@ssddanbrown Did some more digging and there is slightly more information from Firefox (although the issue still occurs there). When loading the site on Firefox, for a brief second the Pages content appears, then flashes away again.

Furthermore, Firefox generates an additional error of Content Security Policy: The page's settings blocked the loading of a resource at eval ("default-src"). 5 app.js:17353:23. That error isn't generated on the demo site either.

@Flatlyn commented on GitHub (Dec 25, 2019): @ssddanbrown Did some more digging and there is slightly more information from Firefox (although the issue still occurs there). When loading the site on Firefox, for a brief second the Pages content appears, then flashes away again. Furthermore, Firefox generates an additional error of `Content Security Policy: The page's settings blocked the loading of a resource at eval ("default-src"). 5 app.js:17353:23`. That error isn't generated on the demo site either.

OVERLORD commented 2026-02-05 01:01:11 +03:00

Author

Owner

Copy Link

@Flatlyn commented on GitHub (Dec 27, 2019):

@ssddanbrown @Coolfeather2 Got this issue solved, at least for me (partially anyway), but possibly for you too Coolfeather since you said you used Nginx as a reverse proxy. The issue was being cause by a line in the Nginx security config regarding the content-security-policy header. I had generated my config from nginxconfig.io and the default header were causing an issue.

This was the generated /etc/nginx/nginxconfig.io/security.io file

# security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

# . files
location ~ /\.(?!well-known) {
        deny all;
}

This is included in the server config with include nginxconfig.io/security.io, remove that line and replace with the following security info; the security.conf file itself could also be edited, but I didn't want to do that as I have other sites using that file as well.

The new block simply comments out the content-security-policy header.

# security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
#add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

# . files
location ~ /\.(?!well-known) {
        deny all;
}

I'm listed it as a partial fix as the header should ideally be there, and I'm still not sure why the header is causing an issue for BookStack.

@Flatlyn commented on GitHub (Dec 27, 2019): @ssddanbrown @Coolfeather2 Got this issue solved, at least for me (partially anyway), but possibly for you too Coolfeather since you said you used Nginx as a reverse proxy. The issue was being cause by a line in the Nginx security config regarding the content-security-policy header. I had generated my config from nginxconfig.io and the default header were causing an issue. This was the generated /etc/nginx/nginxconfig.io/security.io file ``` # security headers add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy "no-referrer-when-downgrade" always; add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # . files location ~ /\.(?!well-known) { deny all; } ``` This is included in the server config with `include nginxconfig.io/security.io`, remove that line and replace with the following security info; the security.conf file itself could also be edited, but I didn't want to do that as I have other sites using that file as well. The new block simply comments out the content-security-policy header. ``` # security headers add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy "no-referrer-when-downgrade" always; #add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # . files location ~ /\.(?!well-known) { deny all; } ``` I'm listed it as a partial fix as the header should ideally be there, and I'm still not sure why the header is causing an issue for BookStack.

OVERLORD commented 2026-02-05 01:01:14 +03:00

Author

Owner

Copy Link

@Coolfeather2 commented on GitHub (Dec 27, 2019):

That fixed it for me too,

I copied the nginxconfig.io/security.io into my bookstack server block and dsabled the Content-Security-Policy

I suspect thats the only header causing the issue.

        # security
        #include nginxconfig.io/security.conf;
        # security headers
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header Referrer-Policy "no-referrer-when-downgrade" always;
        #add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
        add_header Strict-Transport-Security "max-age=31536000" always;

@Coolfeather2 commented on GitHub (Dec 27, 2019): That fixed it for me too, I copied the nginxconfig.io/security.io into my bookstack server block and dsabled the `Content-Security-Policy` I suspect thats the only header causing the issue. ``` # security #include nginxconfig.io/security.conf; # security headers add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy "no-referrer-when-downgrade" always; #add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always; add_header Strict-Transport-Security "max-age=31536000" always; ```

OVERLORD commented 2026-02-05 01:01:15 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Dec 27, 2019):

Cool, Happy to hear you found the issue.

There's likely an eval statement in the output JS that's being blocked by CSP rules. I'm intending to look at including CSP into the platform itself soon, so that strict rules can be enabled by default while keeping in mind support for common edge cases where conflicts could occur; Will likely investigate deeper what CSP can affect and the issues that occur around that time.

@ssddanbrown commented on GitHub (Dec 27, 2019): Cool, Happy to hear you found the issue. There's likely an `eval` statement in the output JS that's being blocked by CSP rules. I'm intending to look at including CSP into the platform itself soon, so that strict rules can be enabled by default while keeping in mind support for common edge cases where conflicts could occur; Will likely investigate deeper what CSP can affect and the issues that occur around that time.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

further_theme_development

l10n_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

pull-request

Mirrored from GitHub Pull Request

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#1475