starred/jellyfin
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2026-05-04 18:09:12 +03:00
Code Issues 822 Packages Projects Releases 10 Wiki Activity

[Issue]:API delete item return internal server error #5317

New Issue
Closed
opened 2026-02-07 01:41:14 +03:00 by OVERLORD · 10 comments
OVERLORD commented 2026-02-07 01:41:14 +03:00
Owner
Copy Link

Originally created by @jakikoske on GitHub (Dec 15, 2023).

Please describe your bug

When i'm trying to send an delete request for an item, i receive an internal server error.
API reference: http://localhost/Items/{itemId}

Jellyfin Version

10.8.z

if other:

10.8.13

Environment

Docker version 10.8.13 reinstalled on 15/12

Jellyfin logs

[2023-12-15 10:27:00.462 +00:00] [ERR] [54] Jellyfin.Server.Middleware.ExceptionMiddleware: Error processing request. URL "DELETE" "/Items/
372621b1233162b8ffff4357d4a9ad97".                                                                                                         
System.NullReferenceException: Object reference not set to an instance of an object.                                                       
   at MediaBrowser.Controller.Entities.BaseItem.IsAuthorizedToDelete(User user, List`1 allCollectionFolders)                               
   at MediaBrowser.Controller.Entities.BaseItem.CanDelete(User user, List`1 allCollectionFolders)                                          
   at MediaBrowser.Controller.Entities.BaseItem.CanDelete(User user)                                                                       
   at Jellyfin.Api.Controllers.LibraryController.DeleteItem(Guid itemId)                                                                   
   at lambda_method1048(Closure , Object )                                                                                                 
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfActionResultExecutor.Execute(IActionResultTypeMapper mapper, Objec
tMethodExecutor executor, Object controller, Object[] arguments)                                                                           
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invo
ker, ValueTask`1 actionResultValueTask)  
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker 
invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)                                                        
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)                         
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted) 
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()                                             
--- End of stack trace from previous location ---                                                                                          
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|25_0(ResourceInvoker invoker, Task lastT
ask, State next, Scope scope, Object state, Boolean isCompleted)                                                                           
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)                               
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)         
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeFilterPipelineAsync()                                                  
--- End of stack trace from previous location ---                                                                                          
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable 
scope)  
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable 
scope)                                                                                                                                     
   at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger) 
   at Jellyfin.Server.Middleware.ServerStartupMessageMiddleware.Invoke(HttpContext httpContext, IServerApplicationHost serverApplicationHos
t, ILocalizationManager localizationManager)                                                                                               
   at Jellyfin.Server.Middleware.WebSocketHandlerMiddleware.Invoke(HttpContext httpContext, IWebSocketManager webSocketManager)            
   at Jellyfin.Server.Middleware.IpBasedAccessValidationMiddleware.Invoke(HttpContext httpContext, INetworkManager networkManager)         
   at Jellyfin.Server.Middleware.LanFilteringMiddleware.Invoke(HttpContext httpContext, INetworkManager networkManager, IServerConfiguratio
nManager serverConfigurationManager)                                                                                                       
   at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context,
 AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult)                                                                    
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)                                               
   at Jellyfin.Server.Middleware.QueryStringDecodingMiddleware.Invoke(HttpContext httpContext)                                             
   at Swashbuckle.AspNetCore.ReDoc.ReDocMiddleware.Invoke(HttpContext httpContext)                                                         
   at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)                                                 
   at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)                   
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)                                             
   at Jellyfin.Server.Middleware.RobotsRedirectionMiddleware.Invoke(HttpContext httpContext)                                               
   at Jellyfin.Server.Middleware.LegacyEmbyRouteRewriteMiddleware.Invoke(HttpContext httpContext)                                          
   at Jellyfin.Server.Middleware.ResponseTimeMiddleware.Invoke(HttpContext context, IServerConfigurationManager serverConfigurationManager)
   at Jellyfin.Server.Middleware.ExceptionMiddleware.Invoke(HttpContext context)

FFmpeg logs

No response

Please attach any browser or client logs here

Invoke-WebRequest : The remote server returned an error: (500) Internal Server Error.

Please attach any screenshots here

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct
Originally created by @jakikoske on GitHub (Dec 15, 2023). ### Please describe your bug When i'm trying to send an delete request for an item, i receive an internal server error. API reference: http://localhost/Items/{itemId} ### Jellyfin Version 10.8.z ### if other: 10.8.13 ### Environment ```markdown Docker version 10.8.13 reinstalled on 15/12 ``` ### Jellyfin logs ```shell [2023-12-15 10:27:00.462 +00:00] [ERR] [54] Jellyfin.Server.Middleware.ExceptionMiddleware: Error processing request. URL "DELETE" "/Items/ 372621b1233162b8ffff4357d4a9ad97". System.NullReferenceException: Object reference not set to an instance of an object. at MediaBrowser.Controller.Entities.BaseItem.IsAuthorizedToDelete(User user, List`1 allCollectionFolders) at MediaBrowser.Controller.Entities.BaseItem.CanDelete(User user, List`1 allCollectionFolders) at MediaBrowser.Controller.Entities.BaseItem.CanDelete(User user) at Jellyfin.Api.Controllers.LibraryController.DeleteItem(Guid itemId) at lambda_method1048(Closure , Object ) at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfActionResultExecutor.Execute(IActionResultTypeMapper mapper, Objec tMethodExecutor executor, Object controller, Object[] arguments) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invo ker, ValueTask`1 actionResultValueTask) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|25_0(ResourceInvoker invoker, Task lastT ask, State next, Scope scope, Object state, Boolean isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeFilterPipelineAsync() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope) at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger) at Jellyfin.Server.Middleware.ServerStartupMessageMiddleware.Invoke(HttpContext httpContext, IServerApplicationHost serverApplicationHos t, ILocalizationManager localizationManager) at Jellyfin.Server.Middleware.WebSocketHandlerMiddleware.Invoke(HttpContext httpContext, IWebSocketManager webSocketManager) at Jellyfin.Server.Middleware.IpBasedAccessValidationMiddleware.Invoke(HttpContext httpContext, INetworkManager networkManager) at Jellyfin.Server.Middleware.LanFilteringMiddleware.Invoke(HttpContext httpContext, INetworkManager networkManager, IServerConfiguratio nManager serverConfigurationManager) at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult) at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) at Jellyfin.Server.Middleware.QueryStringDecodingMiddleware.Invoke(HttpContext httpContext) at Swashbuckle.AspNetCore.ReDoc.ReDocMiddleware.Invoke(HttpContext httpContext) at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext) at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider) at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Jellyfin.Server.Middleware.RobotsRedirectionMiddleware.Invoke(HttpContext httpContext) at Jellyfin.Server.Middleware.LegacyEmbyRouteRewriteMiddleware.Invoke(HttpContext httpContext) at Jellyfin.Server.Middleware.ResponseTimeMiddleware.Invoke(HttpContext context, IServerConfigurationManager serverConfigurationManager) at Jellyfin.Server.Middleware.ExceptionMiddleware.Invoke(HttpContext context) ``` ### FFmpeg logs _No response_ ### Please attach any browser or client logs here Invoke-WebRequest : The remote server returned an error: (500) Internal Server Error. ### Please attach any screenshots here _No response_ ### Code of Conduct - [X] I agree to follow this project's Code of Conduct
OVERLORD added the bug label 2026-02-07 01:41:14 +03:00
OVERLORD commented 2026-02-07 01:41:17 +03:00
Author
Owner
Copy Link

@nielsvanvelzen commented on GitHub (Dec 15, 2023):

How did you authorize the request?

@nielsvanvelzen commented on GitHub (Dec 15, 2023): How did you authorize the request?
OVERLORD commented 2026-02-07 01:41:18 +03:00
Author
Owner
Copy Link

@jakikoske commented on GitHub (Dec 15, 2023):

How did you authorize the request?

Hi Niels,

I tried using the querystring ApiKey and with the header for authentication "mediabrowser token=".
Both didn't seem to work for me.

@jakikoske commented on GitHub (Dec 15, 2023): > How did you authorize the request? Hi Niels, I tried using the querystring ApiKey and with the header for authentication "mediabrowser token=". Both didn't seem to work for me.
OVERLORD commented 2026-02-07 01:41:19 +03:00
Author
Owner
Copy Link

@nielsvanvelzen commented on GitHub (Dec 15, 2023):

Did you use a user access token? I believe this specific API does not work with api keys.

@nielsvanvelzen commented on GitHub (Dec 15, 2023): Did you use a user access token? I believe this specific API does not work with api keys.
OVERLORD commented 2026-02-07 01:41:21 +03:00
Author
Owner
Copy Link

@jakikoske commented on GitHub (Dec 15, 2023):

indeed it works with the user auth. It was not clear to me that the API was not able to do this with just the apikey.

@jakikoske commented on GitHub (Dec 15, 2023): indeed it works with the user auth. It was not clear to me that the API was not able to do this with just the apikey.
OVERLORD commented 2026-02-07 01:41:22 +03:00
Author
Owner
Copy Link

@felix920506 commented on GitHub (Dec 16, 2023):

Under this circumstance shouldn't it return a "401 Unauthorized" instead of a 5xx error?

@felix920506 commented on GitHub (Dec 16, 2023): Under this circumstance shouldn't it return a "401 Unauthorized" instead of a 5xx error?
OVERLORD commented 2026-02-07 01:41:22 +03:00
Author
Owner
Copy Link

@nielsvanvelzen commented on GitHub (Dec 16, 2023):

Yes but it's the Jellyfin API

@nielsvanvelzen commented on GitHub (Dec 16, 2023): Yes but it's the Jellyfin API
OVERLORD commented 2026-02-07 01:41:23 +03:00
Author
Owner
Copy Link

@Schaka commented on GitHub (Feb 15, 2024):

Would you mind elaborating how to delete items?

Do I have to call the Authenticate Endpoint, remember the AccessToken and use that in the Authorization header?

@Schaka commented on GitHub (Feb 15, 2024): Would you mind elaborating how to delete items? Do I have to call the Authenticate Endpoint, remember the AccessToken and use that in the Authorization header?
OVERLORD commented 2026-02-07 01:41:24 +03:00
Author
Owner
Copy Link

@jakikoske commented on GitHub (Feb 15, 2024):

Would you mind elaborating how to delete items?

Do I have to call the Authenticate Endpoint, remember the AccessToken and use that in the Authorization header?

Hi i used the following api's:
to get the usertoken:
header contains the server auth token
"http://$ip/Users/$uid/Authenticate?pw=password" -Headers $headers -Method Post

to delete the item:
mediabrowser token is now the accesstoken of the previous request
"http://$ip:8096/Items/$id" -Headers $headers -Method Delete

@jakikoske commented on GitHub (Feb 15, 2024): > Would you mind elaborating how to delete items? > > Do I have to call the Authenticate Endpoint, remember the AccessToken and use that in the Authorization header? Hi i used the following api's: to get the usertoken: header contains the server auth token "http://$ip/Users/$uid/Authenticate?pw=password" -Headers $headers -Method Post to delete the item: mediabrowser token is now the accesstoken of the previous request "http://$ip:8096/Items/$id" -Headers $headers -Method Delete
OVERLORD commented 2026-02-07 01:41:24 +03:00
Author
Owner
Copy Link

@Schaka commented on GitHub (Feb 15, 2024):

In my case, I need to force

headers.set("X-Emby-Authorization", "MediaBrowser Client=\"Janitorr\", Device=\"Spring Boot\", DeviceId=\"Janitorr-Device-Id\", Version=\"1.0\"")
@Schaka commented on GitHub (Feb 15, 2024): In my case, I need to force ```Java headers.set("X-Emby-Authorization", "MediaBrowser Client=\"Janitorr\", Device=\"Spring Boot\", DeviceId=\"Janitorr-Device-Id\", Version=\"1.0\"") ```
OVERLORD commented 2026-02-07 01:41:25 +03:00
Author
Owner
Copy Link

@jumoog commented on GitHub (Mar 9, 2024):

My understanding is that the API Token can perform all non-user specific functions. So from my point of view this is a bug.

@jumoog commented on GitHub (Mar 9, 2024): My understanding is that the API Token can perform all non-user specific functions. So from my point of view this is a bug.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
EFjellyfin.db
area:database
awaiting-feedback
backend
blocked
breaking change: web api
bug
build
ci
confirmed
discussion needed
dotnet future
downstream
duplicate
enhancement
feature
future
github-actions
good first issue
hdr
help wanted
invalid
investigation
librarydb
live-tv
lyrics
media playback
music
needs testing
nuget
performance
platform
pull-request
Mirrored from GitHub Pull Request
 question
regression
release critical
requires-web
roadmap
security
security
stale
support
syncplay
ui & ux
upstream
wontfix
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/jellyfin#5317
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?