starred/pocket-id-pocket-id-1
1
0
Fork 0
mirror of https://github.com/pocket-id/pocket-id.git synced 2025-12-11 07:42:58 +03:00
Code Issues 122 Packages Projects Releases 10 Wiki Activity

🐛 Bug Report: Add passkey /login/setup Something went wrong, Error #1 #399

New Issue
Closed
opened 2025-10-08 00:07:01 +03:00 by OVERLORD · 7 comments
OVERLORD commented 2025-10-08 00:07:01 +03:00
Owner
Copy Link

Originally created by @moesix on GitHub.

Reproduction steps

Installed on Docker LXC
Through Nginx -> Cloudflare DNS Proxy
Through Nginx -> Cloudflare DNS Only
Through Nginx -> Cloudflare Zero Trust Tunnel -> Cloudflare DNS
PocketID -> Cloudflare Zero Trust Tunnel -> Cloudflare DNS

Go to domain.com/login/setup
Add passkey

Expected behavior

Add passkey success

Actual Behavior

Add passkey results in Something went wrong after adding the passkey to Android phone and Windows 11 device.

log output:
[GIN] 2025/01/18 - 16:37:10 | 200 | 9.307612ms | M.Y.I.P | GET "/api/webauthn/register/start"
[GIN] 2025/01/18 - 16:37:10 | 200 | 9.390363ms | M.Y.I.P | GET "/api/webauthn/register/start"
[GIN] 2025/01/18 - 16:37:15 | 500 | 1.936821ms | M.Y.I.P | POST "/api/webauthn/register/finish"
Error #01: Error validating origin
[GIN] 2025/01/18 - 16:37:15 | 500 | 1.997166ms | M.Y.I.P | POST "/api/webauthn/register/finish"
Error #01: Error validating origin

Other services on the same docker LXC works fine.

Originally created by @moesix on GitHub. ### Reproduction steps Installed on Docker LXC Through Nginx -> Cloudflare DNS Proxy Through Nginx -> Cloudflare DNS Only Through Nginx -> Cloudflare Zero Trust Tunnel -> Cloudflare DNS PocketID -> Cloudflare Zero Trust Tunnel -> Cloudflare DNS Go to domain.com/login/setup Add passkey ### Expected behavior Add passkey success ### Actual Behavior Add passkey results in _Something went wrong_ after adding the passkey to Android phone and Windows 11 device. log output: [GIN] 2025/01/18 - 16:37:10 | 200 | 9.307612ms | M.Y.I.P | GET "/api/webauthn/register/start" [GIN] 2025/01/18 - 16:37:10 | 200 | 9.390363ms | M.Y.I.P | GET "/api/webauthn/register/start" [GIN] 2025/01/18 - 16:37:15 | 500 | 1.936821ms | M.Y.I.P | POST "/api/webauthn/register/finish" Error #01: Error validating origin [GIN] 2025/01/18 - 16:37:15 | 500 | 1.997166ms | M.Y.I.P | POST "/api/webauthn/register/finish" Error #01: Error validating origin Other services on the same docker LXC works fine.
OVERLORD added the bug label 2025-10-08 00:07:01 +03:00
OVERLORD commented 2025-10-08 00:07:04 +03:00
Author
Owner
Copy Link

@steelsparky commented on GitHub:

Does PUBLIC_APP_URL match with the URL you access Pocket ID? If yes can you share the value of PUBLIC_APP_URL?

I was just having the same issue... and removed / from the end of address and now it works - thank you!

@steelsparky commented on GitHub: > Does `PUBLIC_APP_URL` match with the URL you access Pocket ID? If yes can you share the value of `PUBLIC_APP_URL`? I was just having the same issue... and removed / from the end of address and now it works - thank you!
OVERLORD commented 2025-10-08 00:07:04 +03:00
Author
Owner
Copy Link

@moesix commented on GitHub:

Yup I am. Cert given correctly in either scenario as a letsencrypt cert or a WE1 if over cloudflare proxy / zero trust tunnel.

@moesix commented on GitHub: Yup I am. Cert given correctly in either scenario as a letsencrypt cert or a WE1 if over cloudflare proxy / zero trust tunnel.
OVERLORD commented 2025-10-08 00:07:04 +03:00
Author
Owner
Copy Link

@kmendell commented on GitHub:

are you using https when access the initial setup?

@kmendell commented on GitHub: are you using https when access the initial setup?
OVERLORD commented 2025-10-08 00:07:05 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

Does PUBLIC_APP_URL match with the URL you access Pocket ID? If yes can you share the value of PUBLIC_APP_URL?

@stonith404 commented on GitHub: Does `PUBLIC_APP_URL` match with the URL you access Pocket ID? If yes can you share the value of `PUBLIC_APP_URL`?
OVERLORD commented 2025-10-08 00:07:05 +03:00
Author
Owner
Copy Link

@moesix commented on GitHub:

Yes the PUBLIC_APP_URL matches. It's currently set to http://id.xxxxx.io

Browser loads to https://id.xxxx.io

Currently it's set to Cloudflare proxy dns only without ZT just to rule out ZT being the issue.

Nginx has
proxy_busy_buffers_size 512k;
proxy_buffers 4 512k;
proxy_buffer_size 256k;

@moesix commented on GitHub: Yes the PUBLIC_APP_URL matches. It's currently set to http://id.xxxxx.io Browser loads to https://id.xxxx.io Currently it's set to Cloudflare proxy dns only without ZT just to rule out ZT being the issue. Nginx has proxy_busy_buffers_size 512k; proxy_buffers 4 512k; proxy_buffer_size 256k;
OVERLORD commented 2025-10-08 00:07:07 +03:00
Author
Owner
Copy Link

@moesix commented on GitHub:

Wow ok yeah, that's a miss on my end. Thanks @stonith404 ! Working as expected now

@moesix commented on GitHub: Wow ok yeah, that's a miss on my end. Thanks @stonith404 ! Working as expected now
OVERLORD commented 2025-10-08 00:07:07 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

http://id.layershift.io doesn't match to https://id.layershift.io. The protocol must match too.

@stonith404 commented on GitHub: `http://id.layershift.io` doesn't match to `https://id.layershift.io`. The protocol must match too.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
breaking
bug
documentation
feature
needs more upvotes
open to pull requests
pull-request
Mirrored from GitHub Pull Request
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-1#399
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?