avatar_default.png broken on some pages #12391

New Issue

Closed

opened 2025-11-02 10:08:19 -06:00 by GiteaMirror · 8 comments

GiteaMirror commented 2025-11-02 10:08:19 -06:00

Owner

Copy Link

Originally created by @JanRomero on GitHub (Jan 26, 2024).

Description

New users who have not uploaded a custom avatar are shown with a broken image in our installation. The HTML generated for the big image on the user profile looks like this, which is clearly wrong:

As you can see, the path contains escaped forward slashes and is wrongly prefixed with “/avatars”.

In the install directory the image is set up under /custom/public/assets/img/avatar_default.png. I’m pretty sure that’s correct, because it is shown nicely on anonymous commits, where the generated HTML looks as expected.

Our config in app.ini looks like this. This is the entire section and it’s reflected in the admin panel. We don’t have any other avatar settings in the UI or in app.ini that I’m aware of.

[picture]
DISABLE_GRAVATAR = true
ENABLE_FEDERATED_AVATAR = false

If this is indeed a bug, I imagine it lives here, but I’m only browsing the source on github and don’t know what I’m doing: 534917d576/models/avatars/avatar.go (L60)

Thank you very much! Sorry if this is a misconfiguration on my end.

Screenshots

Gitea Version

1.21.4

Can you reproduce the bug on the Gitea demo site?

No

Operating System

Windows

Browser Version

Any

Originally created by @JanRomero on GitHub (Jan 26, 2024). ### Description New users who have not uploaded a custom avatar are shown with a broken image in our installation. The HTML generated for the big image on the user profile looks like this, which is clearly wrong:  As you can see, the path contains escaped forward slashes and is wrongly prefixed with “/avatars”. In the install directory the image is set up under `/custom/public/assets/img/avatar_default.png`. I’m pretty sure that’s correct, because it is shown nicely on anonymous commits, where [the generated HTML](https://github.com/go-gitea/gitea/assets/7873027/e56cb83d-8333-4900-942a-1f2548101f53) looks as expected. Our config in app.ini looks like this. This is the entire section and it’s reflected in the admin panel. We don’t have any other avatar settings in the UI or in app.ini that I’m aware of. ``` [picture] DISABLE_GRAVATAR = true ENABLE_FEDERATED_AVATAR = false ``` If this is indeed a bug, I imagine it lives here, but I’m only browsing the source on github and don’t know what I’m doing: https://github.com/go-gitea/gitea/blob/534917d57670d82703567131e2b33fd945e6f8cb/models/avatars/avatar.go#L60 Thank you very much! Sorry if this is a misconfiguration on my end. ### Screenshots  ### Gitea Version 1.21.4 ### Can you reproduce the bug on the Gitea demo site? No ### Operating System Windows ### Browser Version Any

GiteaMirror added the type/bug label 2025-11-02 10:08:19 -06:00

GiteaMirror closed this issue 2025-11-02 10:08:20 -06:00

GiteaMirror commented 2025-11-02 10:08:20 -06:00

Author

Owner

Copy Link

@wxiaoguang commented on GitHub (Jan 26, 2024):

It seems that you manually filled incorrect value to user's Avatar database column.

You should keep the user's Avatar database column empty if they doesn't have an avatar.

If you filled anything into user's Avatar database column , that value will be used as an existing avatar: "/avatars/" + escape(user.Avatar), then that's what you saw.

@wxiaoguang commented on GitHub (Jan 26, 2024): It seems that you manually filled incorrect value to user's Avatar database column. You should keep the user's Avatar database column empty if they doesn't have an avatar. If you filled anything into user's Avatar database column , that value will be used as an existing avatar: `"/avatars/" + escape(user.Avatar)`, then that's what you saw.

GiteaMirror commented 2025-11-02 10:08:20 -06:00

Author

Owner

Copy Link

@KN4CK3R commented on GitHub (Jan 26, 2024):

Looked at this too and there must be something invalid in the database. The field should just contain a hash and not some path.

@KN4CK3R commented on GitHub (Jan 26, 2024): Looked at this too and there must be something invalid in the database. The field should just contain a hash and not some path.

GiteaMirror commented 2025-11-02 10:08:20 -06:00

Author

Owner

Copy Link

@JanRomero commented on GitHub (Jan 26, 2024):

Hi, thanks for the quick replies. You’re right, the database column contains “/assets/img/avatar_default.png” for new users. They are created automatically on their first visit by the SPNEGO auth source, so I guess the problem lies there?

If I remove my avatar as an existing user, I get a hash in the database showing as some auto-generated geometry in the frontend (I feel like I should get avatar_default.png, but as long as it’s not a broken image I don’t mind).

@JanRomero commented on GitHub (Jan 26, 2024): Hi, thanks for the quick replies. You’re right, the database column contains “/assets/img/avatar_default.png” for new users. They are created automatically on their first visit by the SPNEGO auth source, so I guess the problem lies there? If I remove my avatar as an existing user, I get a hash in the database showing as some auto-generated geometry in the frontend (I feel like I should get avatar_default.png, but as long as it’s not a broken image I don’t mind).

GiteaMirror commented 2025-11-02 10:08:21 -06:00

Author

Owner

Copy Link

@wxiaoguang commented on GitHub (Jan 26, 2024):

the database column contains “/assets/img/avatar_default.png” for new users. They are created automatically on their first visit by the SPNEGO auth source, so I guess the problem lies there?

It looks like a bug ...... as old as #8463

@wxiaoguang commented on GitHub (Jan 26, 2024): > the database column contains “/assets/img/avatar_default.png” for new users. They are created automatically on their first visit by the SPNEGO auth source, so I guess the problem lies there? It looks like a bug ...... as old as #8463

GiteaMirror commented 2025-11-02 10:08:21 -06:00

Author

Owner

Copy Link

@KN4CK3R commented on GitHub (Jan 26, 2024):

Yep, that's wrong:
Avatar: avatars.DefaultAvatarLink(),

@wxiaoguang You or me?

@KN4CK3R commented on GitHub (Jan 26, 2024): Yep, that's wrong: `Avatar: avatars.DefaultAvatarLink(),` @wxiaoguang You or me?

GiteaMirror commented 2025-11-02 10:08:21 -06:00

Author

Owner

Copy Link

@wxiaoguang commented on GitHub (Jan 26, 2024):

Too late in my timezone, will go to bed 🤣 feel free to propose a fix 🙏

@wxiaoguang commented on GitHub (Jan 26, 2024): Too late in my timezone, will go to bed 🤣 feel free to propose a fix 🙏

GiteaMirror commented 2025-11-02 10:08:21 -06:00

Author

Owner

Copy Link

@JanRomero commented on GitHub (Jan 26, 2024):

Awesome, you guys are really fast! Appreciate it! Sorry I didn’t post the relevant details immediately.

@JanRomero commented on GitHub (Jan 26, 2024): Awesome, you guys are really fast! Appreciate it! Sorry I didn’t post the relevant details immediately.

GiteaMirror commented 2025-11-02 10:08:21 -06:00

Author

Owner

Copy Link

@wxiaoguang commented on GitHub (Feb 21, 2024):

wait for backport

@wxiaoguang commented on GitHub (Feb 21, 2024): wait for backport

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

release/v1.25

release/v1.24

release/v1.23

release/v1.22

release/v1.21

release/v1.20

release/v1.19

release/v1.18

release/v1.17

release/v1.16

release/v1.15

release/v1.14

release/v1.13

release/v1.12

release/v1.11

release/v1.10

release/v1.9

release/v1.8

v1.25.3

v1.25.2

v1.25.1

v1.25.0

v1.24.7

v1.25.0-rc0

v1.26.0-dev

v1.24.6

v1.24.5

v1.24.4

v1.24.3

v1.24.2

v1.24.1

v1.24.0

v1.23.8

v1.24.0-rc0

v1.25.0-dev

v1.23.7

v1.23.6

v1.23.5

v1.23.4

v1.23.3

v1.23.2

v1.23.1

v1.23.0

v1.23.0-rc0

v1.24.0-dev

v1.22.6

v1.22.5

v1.22.4

v1.22.3

v1.22.2

v1.22.1

v1.22.0

v1.23.0-dev

v1.22.0-rc1

v1.21.11

v1.22.0-rc0

v1.21.10

v1.21.9

v1.21.8

v1.21.7

v1.21.6

v1.21.5

v1.21.4

v1.21.3

v1.21.2

v1.20.6

v1.21.1

v1.21.0

v1.21.0-rc2

v1.21.0-rc1

v1.20.5

v1.22.0-dev

v1.21.0-rc0

v1.20.4

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.19.4

v1.21.0-dev

v1.20.0-rc2

v1.20.0-rc1

v1.20.0-rc0

v1.19.3

v1.19.2

v1.19.1

v1.19.0

v1.19.0-rc1

v1.20.0-dev

v1.19.0-rc0

v1.18.5

v1.18.4

v1.18.3

v1.18.2

v1.18.1

v1.18.0

v1.17.4

v1.18.0-rc1

v1.19.0-dev

v1.18.0-rc0

v1.17.3

v1.17.2

v1.17.1

v1.17.0

v1.17.0-rc2

v1.16.9

v1.17.0-rc1

v1.18.0-dev

v1.16.8

v1.16.7

v1.16.6

v1.16.5

v1.16.4

v1.16.3

v1.16.2

v1.16.1

v1.16.0

v1.15.11

v1.17.0-dev

v1.16.0-rc1

v1.15.10

v1.15.9

v1.15.8

v1.15.7

v1.15.6

v1.15.5

v1.15.4

v1.15.3

v1.15.2

v1.15.1

v1.14.7

v1.15.0

v1.15.0-rc3

v1.14.6

v1.15.0-rc2

v1.14.5

v1.16.0-dev

v1.15.0-rc1

v1.14.4

v1.14.3

v1.14.2

v1.14.1

v1.14.0

v1.13.7

v1.14.0-rc2

v1.13.6

v1.13.5

v1.14.0-rc1

v1.15.0-dev

v1.13.4

v1.13.3

v1.13.2

v1.13.1

v1.13.0

v1.12.6

v1.13.0-rc2

v1.14.0-dev

v1.13.0-rc1

v1.12.5

v1.12.4

v1.12.3

v1.12.2

v1.12.1

v1.11.8

v1.12.0

v1.11.7

v1.12.0-rc2

v1.11.6

v1.12.0-rc1

v1.13.0-dev

v1.11.5

v1.11.4

v1.11.3

v1.10.6

v1.12.0-dev

v1.11.2

v1.10.5

v1.11.1

v1.10.4

v1.11.0

v1.11.0-rc2

v1.10.3

v1.11.0-rc1

v1.10.2

v1.10.1

v1.10.0

v1.9.6

v1.9.5

v1.10.0-rc2

v1.11.0-dev

v1.10.0-rc1

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-rc2

v1.10.0-dev

v1.9.0-rc1

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.8.0-rc3

v1.7.6

v1.8.0-rc2

v1.7.5

v1.8.0-rc1

v1.9.0-dev

v1.7.4

v1.7.3

v1.7.2

v1.7.1

v1.7.0

v1.7.0-rc3

v1.6.4

v1.7.0-rc2

v1.6.3

v1.7.0-rc1

v1.7.0-dev

v1.6.2

v1.6.1

v1.6.0

v1.6.0-rc2

v1.5.3

v1.6.0-rc1

v1.6.0-dev

v1.5.2

v1.5.1

v1.5.0

v1.5.0-rc2

v1.5.0-rc1

v1.5.0-dev

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.4.0-rc3

v1.4.0-rc2

v1.3.3

v1.4.0-rc1

v1.3.2

v1.3.1

v1.3.0

v1.3.0-rc2

v1.3.0-rc1

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.2.0-rc3

v1.2.0-rc2

v1.1.4

v1.2.0-rc1

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.2

v1.0.1

v1.0.0

v0.9.99

Labels

Clear labels

$20

$250

$50

$500

backport/done

💎 Bounty

docs-update-needed

good first issue

hacktoberfest

issue/bounty

issue/confirmed

issue/critical

issue/duplicate

issue/needs-feedback

issue/not-a-bug

issue/regression

issue/stale

issue/workaround

lgtm/need 2

modifies/api

modifies/translation

outdated/backport/v1.18

outdated/theme/markdown

outdated/theme/timetracker

performance/bigrepo

performance/cpu

performance/memory

performance/speed

pr/breaking

proposal/accepted

proposal/rejected

pr/wip

pull-request

Mirrored from GitHub Pull Request

reviewed/wontfix

💰 Rewarded

skip-changelog

status/blocked

topic/accessibility

topic/api

topic/authentication

topic/build

topic/code-linting

topic/commit-signing

topic/content-rendering

topic/deployment

topic/distribution

topic/federation

topic/gitea-actions

topic/issues

topic/lfs

topic/mobile

topic/moderation

topic/packages

topic/pr

topic/projects

topic/repo

topic/repo-migration

topic/security

topic/theme

topic/ui

topic/ui-interaction

topic/ux

topic/webhooks

topic/wiki

type/bug

type/deprecation

type/docs

type/enhancement

type/feature

type/miscellaneous

type/proposal

type/question

type/refactoring

type/summary

type/testing

type/upstream

No Label type/bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea#12391