IIS Reverse Proxy Access Denied git push https #4664

New Issue

Closed

opened 2025-11-02 05:58:41 -06:00 by GiteaMirror · 7 comments

GiteaMirror commented 2025-11-02 05:58:41 -06:00

Owner

Copy Link

Originally created by @iamdoubz on GitHub (Jan 16, 2020).

• Gitea version (or commit ref): 1.11.0+rc1-24-g6d1f7e90c
• Git version: Server (2.25.0.windows.1) Client (2.24.1.windows.2)
• Operating system: Windows Server 2012 R2
• Database (use [x]):
  • PostgreSQL
  • MySQL (MariaDB Server version: 10.1.34-MariaDB)
  • MSSQL
  • SQLite
• Can you reproduce the bug at https://try.gitea.io:
  • Yes (provide example URL)
  • No
  • Not relevant (server isn't being served by IIS reverse proxy)
• Log gist:

2020/01/16 13:06:27 cmd/web.go:161:runWeb() [I] Listen: http://0.0.0.0:3000/gitea
2020/01/16 13:06:27 cmd/web.go:164:runWeb() [I] LFS server enabled
2020/01/16 13:06:27 ...s/graceful/server.go:53:NewServer() [I] Starting new server: tcp:0.0.0.0:3000 on PID: 6532
2020/01/16 13:06:27 ...s/graceful/server.go:64:func1() [D] Starting server on tcp:0.0.0.0:3000 (PID: 6532)
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `type`, `name`, `is_actived`, `is_sync_enabled`, `cfg`, `created_unix`, `updated_unix` FROM `login_source` WHERE (is_actived = ? and type = ?) []interface {}{true, 7} - took: 2.3903ms
2020/01/16 13:07:01 ...s/context/context.go:330:func1() [D] Session ID: b761444db8912ef4
2020/01/16 13:07:01 ...s/context/context.go:331:func1() [D] CSRF Token: 0KmV0rAH-Ilg3DQ68KhUjPWFngg6MTU3OTIwMTYyMTMxMTIxMjcwMA
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `lower_name`=? LIMIT 1 []interface {}{"fmlastname"} - took: 1.0002ms
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `owner_id`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` WHERE `owner_id`=? AND `lower_name`=? LIMIT 1 []interface {}{3, "oracle-instantclient12"} - took: 998.9µs
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `type`, `name`, `is_actived`, `is_sync_enabled`, `cfg`, `created_unix`, `updated_unix` FROM `login_source` WHERE (is_actived = ? and type = ?) []interface {}{true, 7} - took: 1.2491ms
2020/01/16 13:07:01 ...s/context/context.go:330:func1() [D] Session ID: 41e64d0daae50bc6
2020/01/16 13:07:01 ...s/context/context.go:331:func1() [D] CSRF Token: oknhHx_X7tn1bLQawNA-y28pON86MTU3OTIwMTYyMTc0MzQ2ODMwMA
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `lower_name`=? LIMIT 1 []interface {}{"fmlastname"} - took: 0s
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `owner_id`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` WHERE `owner_id`=? AND `lower_name`=? LIMIT 1 []interface {}{3, "oracle-instantclient12"} - took: 1.0559ms
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `repo_id`, `type`, `config`, `created_unix` FROM `repo_unit` WHERE (repo_id = ?) []interface {}{3} - took: 1.0864ms
2020/01/16 13:07:01 ...s/repo_permission.go:149:func1() [T] Permission Loaded for anonymous user in 824753133376:fmlastname/Oracle-Instantclient12:
	Permissions: AccessMode: 824753134576:read, 5 Units, 0 UnitsMode(s): [ 
	Units[0]: ID: 824753133616 RepoID: 824753133744 Type: 824753134624:UnitTypeCode Config: {}
	Units[1]: ID: 824753133952 RepoID: 824753134000 Type: 824753134768:UnitTypeIssues Config: {"EnableTimetracker":true,"AllowOnlyContributorsToTrackTime":true,"EnableDependencies":true}
	Units[2]: ID: 824753134160 RepoID: 824753134192 Type: 824753134816:UnitTypePullRequests Config: {"IgnoreWhitespaceConflicts":false,"AllowMerge":true,"AllowRebase":true,"AllowRebaseMerge":true,"AllowSquash":true}
	Units[3]: ID: 824753134320 RepoID: 824753134416 Type: 824753134848:UnitTypeReleases Config: {}
	Units[4]: ID: 824753134480 RepoID: 824753134528 Type: 824753134880:UnitTypeWiki Config: {} ]
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT count(*) FROM `release` WHERE repo_id=? AND is_draft=? []interface {}{3, false} - took: 2.3503ms
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT topic.* FROM `topic` INNER JOIN repo_topic ON repo_topic.topic_id = topic.id WHERE repo_topic.repo_id=? ORDER BY `topic`.`repo_count` DESC []interface {}{3} - took: 3.0021ms
2020/01/16 13:07:01 ...s/charset/charset.go:121:DetectEncoding() [D] Detected encoding: utf-8 (fast)
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `email`=? LIMIT 1 []interface {}{"first.m.lastname@my.domain"} - took: 999.5µs
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `email`=? LIMIT 1 []interface {}{"first.m.lastname@my.domain"} - took: 999.7µs
2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT max( id ) as id FROM `commit_status` WHERE (repo_id = ?) AND (sha = ?) GROUP BY context_hash ORDER BY max( id ) desc LIMIT 10 []interface {}{3, "2d9bc37355328c73b1faaa99804dfa81a7849c2c"} - took: 1.1075ms
2020/01/16 13:07:01 ...s/context/context.go:139:HTML() [D] Template: repo/home
2020/01/16 13:07:09 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `type`, `name`, `is_actived`, `is_sync_enabled`, `cfg`, `created_unix`, `updated_unix` FROM `login_source` WHERE (is_actived = ? and type = ?) []interface {}{true, 7} - took: 14.6681ms
2020/01/16 13:07:09 ...s/context/context.go:330:func1() [D] Session ID: 869b719f3d8df24e
2020/01/16 13:07:09 ...s/context/context.go:331:func1() [D] CSRF Token: q0S2kcuXfASn49fvrLaDGncsf4I6MTU3OTIwMTYyOTM4MDE0MTAwMA
2020/01/16 13:07:09 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `lower_name`=? LIMIT 1 []interface {}{"fmlastname"} - took: 998.3µs
2020/01/16 13:07:09 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `owner_id`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` WHERE `owner_id`=? AND `lower_name`=? LIMIT 1 []interface {}{3, "oracle-instantclient12"} - took: 1.0004ms

Description

When an end user goes to git push origin master, if they use SSH, everything is all fine and dandy. If they are using HTTPS, they are met with:

fmlastname@computer MINGW64 ~/Documents/00. Documentation/Gitea/Oracle-Instantclient12 (master)
$ git push origin master
fatal: Authentication failed for 'https://my.domain/gitea/fmlastname/Oracle-Instantclient12.git/'

YES, stored credentials have been removed from Windows Credential Manager, computer restarted, and user is using exact same credentials as they use to log in via the web.

What I've tried

1. Changing app.ini things:

ENABLE_REVERSE_PROXY_AUTHENTICATION = true/false
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = true/false

2. Adding the request filtering suggested by others here and also this one.

3. Tried adding rights to the repo folder to the IIS application pool as suggested here.

Additional

IIS Logs

2020-01-16 18:49:03 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-upload-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=47538f8c-7074-4cf9-bda2-6a540c25f898&SERVER-STATUS=200 443 - 192.168.10.17 git/2.24.1.windows.2 - 200 0 0 102
2020-01-16 18:49:21 192.168.10.3 POST /gitea/fmlastname/Oracle-Instantclient12.git/git-upload-pack X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=a6b5e247-db38-45a4-b843-e7dcdda29db4&SERVER-STATUS=200 443 - 192.168.10.17 git/2.24.1.windows.2 - 200 0 0 18976
2020-01-16 18:52:10 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=a6322c68-d5ff-4006-9b6e-b44bbb466f0d&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 25
2020-01-16 18:52:10 192.168.10.3 HEAD /gitea/fmlastname/Oracle-Instantclient12.git X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=efafb5e3-a6f4-4992-84c7-df06a6e32d3d&SERVER-STATUS=200 443 - 192.168.10.17 git-credential-manager+(Microsoft+Windows+NT+6.2.9200.0;+Win32NT;+x64)+CLR/4.0.30319+git-tools/1.20.0 - 200 0 0 44
2020-01-16 18:53:14 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=696b009f-1102-4331-8ed4-05062206999a&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 25
2020-01-16 18:53:14 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 1 3221226331 40
2020-01-16 18:54:28 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=9f5ff0fd-09c7-4f19-9c4c-36c0623f15ff&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 21
2020-01-16 18:54:28 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=74aed741-40e6-4076-9ce7-53e9515168c6&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 18
2020-01-16 18:54:28 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 1 3221226331 46
...
2020-01-16 19:07:01 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=fa18889c-db18-4d31-949d-9e8061eeccb0&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 18
2020-01-16 19:07:01 192.168.10.3 HEAD /gitea/fmlastname/Oracle-Instantclient12.git X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=8bd6352e-d339-4ac9-afe7-5b42a9e951af&SERVER-STATUS=200 443 - 192.168.10.17 git-credential-manager+(Microsoft+Windows+NT+6.2.9200.0;+Win32NT;+x64)+CLR/4.0.30319+git-tools/1.20.0 - 200 0 0 138
2020-01-16 19:07:09 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=e354b983-1977-42f5-a567-21511a6b9b8e&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 20
2020-01-16 19:07:09 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 1 3221226331 30

My environment

1. Compiled from source and built using git clone https://github.com/go-gitea/gitea.git&&git checkout release/v1.11&&TAGS="bindata sqlite sqlite_unlock_notify" make build
2. Go v1.13.6
3. Make v4.2
4. Gitea v1.11.0+rc1-24-g6d1f7e90c
5. IIS reverse proxy to localhost on custom port

Screenshots

N/A

Originally created by @iamdoubz on GitHub (Jan 16, 2020). - Gitea version (or commit ref): **1.11.0+rc1-24-g6d1f7e90c** - Git version: **Server** (2.25.0.windows.1) **Client** (2.24.1.windows.2) - Operating system: **Windows Server 2012 R2** - Database (use `[x]`): - [ ] PostgreSQL - [x] MySQL (MariaDB Server version: 10.1.34-MariaDB) - [ ] MSSQL - [ ] SQLite - Can you reproduce the bug at https://try.gitea.io: - [ ] Yes (provide example URL) - [ ] No - [x] Not relevant (server isn't being served by IIS reverse proxy) - Log gist: ``` 2020/01/16 13:06:27 cmd/web.go:161:runWeb() [I] Listen: http://0.0.0.0:3000/gitea 2020/01/16 13:06:27 cmd/web.go:164:runWeb() [I] LFS server enabled 2020/01/16 13:06:27 ...s/graceful/server.go:53:NewServer() [I] Starting new server: tcp:0.0.0.0:3000 on PID: 6532 2020/01/16 13:06:27 ...s/graceful/server.go:64:func1() [D] Starting server on tcp:0.0.0.0:3000 (PID: 6532) 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `type`, `name`, `is_actived`, `is_sync_enabled`, `cfg`, `created_unix`, `updated_unix` FROM `login_source` WHERE (is_actived = ? and type = ?) []interface {}{true, 7} - took: 2.3903ms 2020/01/16 13:07:01 ...s/context/context.go:330:func1() [D] Session ID: b761444db8912ef4 2020/01/16 13:07:01 ...s/context/context.go:331:func1() [D] CSRF Token: 0KmV0rAH-Ilg3DQ68KhUjPWFngg6MTU3OTIwMTYyMTMxMTIxMjcwMA 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `lower_name`=? LIMIT 1 []interface {}{"fmlastname"} - took: 1.0002ms 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `owner_id`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` WHERE `owner_id`=? AND `lower_name`=? LIMIT 1 []interface {}{3, "oracle-instantclient12"} - took: 998.9µs 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `type`, `name`, `is_actived`, `is_sync_enabled`, `cfg`, `created_unix`, `updated_unix` FROM `login_source` WHERE (is_actived = ? and type = ?) []interface {}{true, 7} - took: 1.2491ms 2020/01/16 13:07:01 ...s/context/context.go:330:func1() [D] Session ID: 41e64d0daae50bc6 2020/01/16 13:07:01 ...s/context/context.go:331:func1() [D] CSRF Token: oknhHx_X7tn1bLQawNA-y28pON86MTU3OTIwMTYyMTc0MzQ2ODMwMA 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `lower_name`=? LIMIT 1 []interface {}{"fmlastname"} - took: 0s 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `owner_id`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` WHERE `owner_id`=? AND `lower_name`=? LIMIT 1 []interface {}{3, "oracle-instantclient12"} - took: 1.0559ms 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `repo_id`, `type`, `config`, `created_unix` FROM `repo_unit` WHERE (repo_id = ?) []interface {}{3} - took: 1.0864ms 2020/01/16 13:07:01 ...s/repo_permission.go:149:func1() [T] Permission Loaded for anonymous user in 824753133376:fmlastname/Oracle-Instantclient12: Permissions: AccessMode: 824753134576:read, 5 Units, 0 UnitsMode(s): [ Units[0]: ID: 824753133616 RepoID: 824753133744 Type: 824753134624:UnitTypeCode Config: {} Units[1]: ID: 824753133952 RepoID: 824753134000 Type: 824753134768:UnitTypeIssues Config: {"EnableTimetracker":true,"AllowOnlyContributorsToTrackTime":true,"EnableDependencies":true} Units[2]: ID: 824753134160 RepoID: 824753134192 Type: 824753134816:UnitTypePullRequests Config: {"IgnoreWhitespaceConflicts":false,"AllowMerge":true,"AllowRebase":true,"AllowRebaseMerge":true,"AllowSquash":true} Units[3]: ID: 824753134320 RepoID: 824753134416 Type: 824753134848:UnitTypeReleases Config: {} Units[4]: ID: 824753134480 RepoID: 824753134528 Type: 824753134880:UnitTypeWiki Config: {} ] 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT count(*) FROM `release` WHERE repo_id=? AND is_draft=? []interface {}{3, false} - took: 2.3503ms 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT topic.* FROM `topic` INNER JOIN repo_topic ON repo_topic.topic_id = topic.id WHERE repo_topic.repo_id=? ORDER BY `topic`.`repo_count` DESC []interface {}{3} - took: 3.0021ms 2020/01/16 13:07:01 ...s/charset/charset.go:121:DetectEncoding() [D] Detected encoding: utf-8 (fast) 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `email`=? LIMIT 1 []interface {}{"first.m.lastname@my.domain"} - took: 999.5µs 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `email`=? LIMIT 1 []interface {}{"first.m.lastname@my.domain"} - took: 999.7µs 2020/01/16 13:07:01 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT max( id ) as id FROM `commit_status` WHERE (repo_id = ?) AND (sha = ?) GROUP BY context_hash ORDER BY max( id ) desc LIMIT 10 []interface {}{3, "2d9bc37355328c73b1faaa99804dfa81a7849c2c"} - took: 1.1075ms 2020/01/16 13:07:01 ...s/context/context.go:139:HTML() [D] Template: repo/home 2020/01/16 13:07:09 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `type`, `name`, `is_actived`, `is_sync_enabled`, `cfg`, `created_unix`, `updated_unix` FROM `login_source` WHERE (is_actived = ? and type = ?) []interface {}{true, 7} - took: 14.6681ms 2020/01/16 13:07:09 ...s/context/context.go:330:func1() [D] Session ID: 869b719f3d8df24e 2020/01/16 13:07:09 ...s/context/context.go:331:func1() [D] CSRF Token: q0S2kcuXfASn49fvrLaDGncsf4I6MTU3OTIwMTYyOTM4MDE0MTAwMA 2020/01/16 13:07:09 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `lower_name`=? LIMIT 1 []interface {}{"fmlastname"} - took: 998.3µs 2020/01/16 13:07:09 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `owner_id`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` WHERE `owner_id`=? AND `lower_name`=? LIMIT 1 []interface {}{3, "oracle-instantclient12"} - took: 1.0004ms ``` ## Description When an end user goes to `git push origin master`, if they use SSH, everything is all fine and dandy. If they are using HTTPS, they are met with: ``` fmlastname@computer MINGW64 ~/Documents/00. Documentation/Gitea/Oracle-Instantclient12 (master) $ git push origin master fatal: Authentication failed for 'https://my.domain/gitea/fmlastname/Oracle-Instantclient12.git/' ``` **YES**, stored credentials have been removed from Windows Credential Manager, computer restarted, and user is using exact same credentials as they use to log in via the web. ### What I've tried 1. Changing `app.ini` things: ``` ENABLE_REVERSE_PROXY_AUTHENTICATION = true/false ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = true/false ``` 2. Adding the request filtering suggested by others [here](https://github.com/go-gitea/gitea/issues/1749) and [also this one](https://github.com/go-gitea/gitea/issues/6187). 3. Tried adding rights to the `repo` folder to the IIS application pool as suggested [here](https://stackoverflow.com/a/3892915). ## Additional **IIS Logs** ``` 2020-01-16 18:49:03 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-upload-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=47538f8c-7074-4cf9-bda2-6a540c25f898&SERVER-STATUS=200 443 - 192.168.10.17 git/2.24.1.windows.2 - 200 0 0 102 2020-01-16 18:49:21 192.168.10.3 POST /gitea/fmlastname/Oracle-Instantclient12.git/git-upload-pack X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=a6b5e247-db38-45a4-b843-e7dcdda29db4&SERVER-STATUS=200 443 - 192.168.10.17 git/2.24.1.windows.2 - 200 0 0 18976 2020-01-16 18:52:10 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=a6322c68-d5ff-4006-9b6e-b44bbb466f0d&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 25 2020-01-16 18:52:10 192.168.10.3 HEAD /gitea/fmlastname/Oracle-Instantclient12.git X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=efafb5e3-a6f4-4992-84c7-df06a6e32d3d&SERVER-STATUS=200 443 - 192.168.10.17 git-credential-manager+(Microsoft+Windows+NT+6.2.9200.0;+Win32NT;+x64)+CLR/4.0.30319+git-tools/1.20.0 - 200 0 0 44 2020-01-16 18:53:14 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=696b009f-1102-4331-8ed4-05062206999a&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 25 2020-01-16 18:53:14 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 1 3221226331 40 2020-01-16 18:54:28 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=9f5ff0fd-09c7-4f19-9c4c-36c0623f15ff&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 21 2020-01-16 18:54:28 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=74aed741-40e6-4076-9ce7-53e9515168c6&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 18 2020-01-16 18:54:28 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 1 3221226331 46 ... 2020-01-16 19:07:01 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=fa18889c-db18-4d31-949d-9e8061eeccb0&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 18 2020-01-16 19:07:01 192.168.10.3 HEAD /gitea/fmlastname/Oracle-Instantclient12.git X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=8bd6352e-d339-4ac9-afe7-5b42a9e951af&SERVER-STATUS=200 443 - 192.168.10.17 git-credential-manager+(Microsoft+Windows+NT+6.2.9200.0;+Win32NT;+x64)+CLR/4.0.30319+git-tools/1.20.0 - 200 0 0 138 2020-01-16 19:07:09 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack&X-ARR-CACHE-HIT=0&SERVER-ROUTED=LOCALHOST&X-ARR-LOG-ID=e354b983-1977-42f5-a567-21511a6b9b8e&SERVER-STATUS=401 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 0 0 20 2020-01-16 19:07:09 192.168.10.3 GET /gitea/fmlastname/Oracle-Instantclient12.git/info/refs service=git-receive-pack 443 - 192.168.10.17 git/2.24.1.windows.2 - 401 1 3221226331 30 ``` ## My environment 1. Compiled from source and built using `git clone https://github.com/go-gitea/gitea.git&&git checkout release/v1.11&&TAGS="bindata sqlite sqlite_unlock_notify" make build` 2. Go v1.13.6 3. Make v4.2 4. Gitea v1.11.0+rc1-24-g6d1f7e90c 5. IIS reverse proxy to localhost on custom port ## Screenshots N/A

GiteaMirror added the issue/stale label 2025-11-02 05:58:41 -06:00

GiteaMirror closed this issue 2025-11-02 05:58:42 -06:00

GiteaMirror commented 2025-11-02 05:58:43 -06:00

Author

Owner

Copy Link

@iamdoubz commented on GitHub (Mar 2, 2020):

Is there anybody in the same boat as me? Or, am I alone in the world?

2020/03/02 12:50:23 ...s/repo_permission.go:149:func1() [T] Permission Loaded for anonymous user in 824706630128:username/Batch:
	Permissions: AccessMode: 824706630768:read, 5 Units, 0 UnitsMode(s): [ 
	Units[0]: ID: 824706630240 RepoID: 824706630272 Type: 824706630800:UnitTypeCode Config: {}
	Units[1]: ID: 824706630336 RepoID: 824706630368 Type: 824706630832:UnitTypeIssues Config: {"EnableTimetracker":true,"AllowOnlyContributorsToTrackTime":true,"EnableDependencies":true}
	Units[2]: ID: 824706630448 RepoID: 824706630480 Type: 824706630864:UnitTypePullRequests Config: {"IgnoreWhitespaceConflicts":false,"AllowMerge":true,"AllowRebase":true,"AllowRebaseMerge":true,"AllowSquash":true}
	Units[3]: ID: 824706630544 RepoID: 824706630576 Type: 824706630896:UnitTypeReleases Config: {}
	Units[4]: ID: 824706630640 RepoID: 824706630672 Type: 824706630944:UnitTypeWiki Config: {} ]
2020/03/02 12:50:23 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT count(*) FROM `release` WHERE repo_id=? AND is_draft=? []interface {}{2, false} - took: 0s
2020/03/02 12:50:23 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT topic.* FROM `topic` INNER JOIN repo_topic ON repo_topic.topic_id = topic.id WHERE repo_topic.repo_id=? ORDER BY `topic`.`repo_count` DESC []interface {}{2} - took: 0s
2020/03/02 12:50:23 ...s/charset/charset.go:121:DetectEncoding() [D] Detected encoding: utf-8 (fast)
2020/03/02 12:50:23 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `email`=? LIMIT 1 []interface {}{"first.m.lastname@domain.com"} - took: 1.0104ms
2020/03/02 12:50:23 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `email`=? LIMIT 1 []interface {}{"first.m.lastname@domain.com"} - took: 994.6µs
2020/03/02 12:50:23 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT max( id ) as id FROM `commit_status` WHERE (repo_id = ?) AND (sha = ?) GROUP BY context_hash ORDER BY max( id ) desc LIMIT 10 []interface {}{2, "5830f73446015fb1ff993abd7c27114bf2dac189"} - took: 997.7µs
2020/03/02 12:50:23 ...s/context/context.go:139:HTML() [D] Template: repo/home
2020/03/02 12:50:36 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `type`, `name`, `is_actived`, `is_sync_enabled`, `cfg`, `created_unix`, `updated_unix` FROM `login_source` WHERE (is_actived = ? and type = ?) []interface {}{true, 7} - took: 6.8293ms
2020/03/02 12:50:36 ...s/context/context.go:330:func1() [D] Session ID: dcb5bfe37a4ba157
2020/03/02 12:50:36 ...s/context/context.go:331:func1() [D] CSRF Token: CFQsSpn9yC5cE2d2zg-kx8_9f786MTU4MzE3NTAzNjUzMDQxMTYwMA
2020/03/02 12:50:36 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `lower_name`=? LIMIT 1 []interface {}{"username"} - took: 0s
2020/03/02 12:50:36 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `owner_id`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` WHERE `owner_id`=? AND `lower_name`=? LIMIT 1 []interface {}{3, "batch"} - took: 999.1µs

@iamdoubz commented on GitHub (Mar 2, 2020): Is there anybody in the same boat as me? Or, am I alone in the world? ``` 2020/03/02 12:50:23 ...s/repo_permission.go:149:func1() [T] Permission Loaded for anonymous user in 824706630128:username/Batch: Permissions: AccessMode: 824706630768:read, 5 Units, 0 UnitsMode(s): [ Units[0]: ID: 824706630240 RepoID: 824706630272 Type: 824706630800:UnitTypeCode Config: {} Units[1]: ID: 824706630336 RepoID: 824706630368 Type: 824706630832:UnitTypeIssues Config: {"EnableTimetracker":true,"AllowOnlyContributorsToTrackTime":true,"EnableDependencies":true} Units[2]: ID: 824706630448 RepoID: 824706630480 Type: 824706630864:UnitTypePullRequests Config: {"IgnoreWhitespaceConflicts":false,"AllowMerge":true,"AllowRebase":true,"AllowRebaseMerge":true,"AllowSquash":true} Units[3]: ID: 824706630544 RepoID: 824706630576 Type: 824706630896:UnitTypeReleases Config: {} Units[4]: ID: 824706630640 RepoID: 824706630672 Type: 824706630944:UnitTypeWiki Config: {} ] 2020/03/02 12:50:23 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT count(*) FROM `release` WHERE repo_id=? AND is_draft=? []interface {}{2, false} - took: 0s 2020/03/02 12:50:23 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT topic.* FROM `topic` INNER JOIN repo_topic ON repo_topic.topic_id = topic.id WHERE repo_topic.repo_id=? ORDER BY `topic`.`repo_count` DESC []interface {}{2} - took: 0s 2020/03/02 12:50:23 ...s/charset/charset.go:121:DetectEncoding() [D] Detected encoding: utf-8 (fast) 2020/03/02 12:50:23 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `email`=? LIMIT 1 []interface {}{"first.m.lastname@domain.com"} - took: 1.0104ms 2020/03/02 12:50:23 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `email`=? LIMIT 1 []interface {}{"first.m.lastname@domain.com"} - took: 994.6µs 2020/03/02 12:50:23 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT max( id ) as id FROM `commit_status` WHERE (repo_id = ?) AND (sha = ?) GROUP BY context_hash ORDER BY max( id ) desc LIMIT 10 []interface {}{2, "5830f73446015fb1ff993abd7c27114bf2dac189"} - took: 997.7µs 2020/03/02 12:50:23 ...s/context/context.go:139:HTML() [D] Template: repo/home 2020/03/02 12:50:36 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `type`, `name`, `is_actived`, `is_sync_enabled`, `cfg`, `created_unix`, `updated_unix` FROM `login_source` WHERE (is_actived = ? and type = ?) []interface {}{true, 7} - took: 6.8293ms 2020/03/02 12:50:36 ...s/context/context.go:330:func1() [D] Session ID: dcb5bfe37a4ba157 2020/03/02 12:50:36 ...s/context/context.go:331:func1() [D] CSRF Token: CFQsSpn9yC5cE2d2zg-kx8_9f786MTU4MzE3NTAzNjUzMDQxMTYwMA 2020/03/02 12:50:36 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `lower_name`, `name`, `full_name`, `email`, `keep_email_private`, `email_notifications_preference`, `passwd`, `passwd_hash_algo`, `must_change_password`, `login_type`, `login_source`, `login_name`, `type`, `location`, `website`, `rands`, `salt`, `language`, `description`, `created_unix`, `updated_unix`, `last_login_unix`, `last_repo_visibility`, `max_repo_creation`, `is_active`, `is_admin`, `allow_git_hook`, `allow_import_local`, `allow_create_organization`, `prohibit_login`, `avatar`, `avatar_email`, `use_custom_avatar`, `num_followers`, `num_following`, `num_stars`, `num_repos`, `num_teams`, `num_members`, `visibility`, `repo_admin_change_team_access`, `diff_view_style`, `theme` FROM `user` WHERE `lower_name`=? LIMIT 1 []interface {}{"username"} - took: 0s 2020/03/02 12:50:36 .../xorm/session_raw.go:78:queryRows() [I] [SQL] SELECT `id`, `owner_id`, `lower_name`, `name`, `description`, `website`, `original_service_type`, `original_url`, `default_branch`, `num_watches`, `num_stars`, `num_forks`, `num_issues`, `num_closed_issues`, `num_pulls`, `num_closed_pulls`, `num_milestones`, `num_closed_milestones`, `is_private`, `is_empty`, `is_archived`, `is_mirror`, `status`, `is_fork`, `fork_id`, `is_template`, `template_id`, `size`, `is_fsck_enabled`, `close_issues_via_commit_in_any_branch`, `topics`, `avatar`, `created_unix`, `updated_unix` FROM `repository` WHERE `owner_id`=? AND `lower_name`=? LIMIT 1 []interface {}{3, "batch"} - took: 999.1µs ```

GiteaMirror commented 2025-11-02 05:58:43 -06:00

Author

Owner

Copy Link

@Sebazzz commented on GitHub (Mar 7, 2020):

We're using it behind IIS at my place. Let me look up the reverse proxy config for you.

Note: I noticed the trailing forward slash after the .git url. Please check your URL.

@Sebazzz commented on GitHub (Mar 7, 2020): We're using it behind IIS at my place. Let me look up the reverse proxy config for you. **Note:** I noticed the trailing forward slash after the `.git` url. Please check your URL.

GiteaMirror commented 2025-11-02 05:58:43 -06:00

Author

Owner

Copy Link

@iamdoubz commented on GitHub (Mar 9, 2020):

We're using it behind IIS at my place. Let me look up the reverse proxy config for you.

Note: I noticed the trailing forward slash after the .git url. Please check your URL.

So it should be https://www.corp.local/gitea/fmlastname/reponame.git/? Is this what you mean @Sebazzz ?

And if you could take a look at your IIS RP configuration for me that would be excellant.

@iamdoubz commented on GitHub (Mar 9, 2020): > We're using it behind IIS at my place. Let me look up the reverse proxy config for you. > > **Note:** I noticed the trailing forward slash after the `.git` url. Please check your URL. So it should be `https://www.corp.local/gitea/fmlastname/reponame.git/`? Is this what you mean @Sebazzz ? And if you could take a look at your IIS RP configuration for me that would be excellant.

GiteaMirror commented 2025-11-02 05:58:43 -06:00

Author

Owner

Copy Link

@Sebazzz commented on GitHub (Mar 9, 2020):

Prerequisites is the IIS Url Rewrite module.

The config that works well for us: https://gist.github.com/Sebazzz/9383a0b751b8a04e5a4daffd49225290

Note: we're running git at a root path, for instance https://git.contoso.net, so not at a subpath like https://apps.contoso.net/git.

We're using it behind IIS at my place. Let me look up the reverse proxy config for you.
Note: I noticed the trailing forward slash after the .git url. Please check your URL.

So it should be https://www.corp.local/gitea/fmlastname/reponame.git/? Is this what you mean @Sebazzz ?

I would not expect the trailing slash.

@Sebazzz commented on GitHub (Mar 9, 2020): Prerequisites is the IIS Url Rewrite module. The config that works well for us: https://gist.github.com/Sebazzz/9383a0b751b8a04e5a4daffd49225290 **Note:** we're running git at a root path, for instance `https://git.contoso.net`, so not at a subpath like `https://apps.contoso.net/git`. > > We're using it behind IIS at my place. Let me look up the reverse proxy config for you. > > **Note:** I noticed the trailing forward slash after the `.git` url. Please check your URL. > > So it should be `https://www.corp.local/gitea/fmlastname/reponame.git/`? Is this what you mean @Sebazzz ? I would not expect the trailing slash.

GiteaMirror commented 2025-11-02 05:58:44 -06:00

Author

Owner

Copy Link

@iamdoubz commented on GitHub (Mar 9, 2020):

Okay. Thank you for this info. But, that is the reason that the authentication fails. It goes to the root to get credentials and does not "pass" them to the subpath as we are using and I'm afraid that this is what is causing the issue.

I will dive into your provided config file (again, thank you for providing it) and see what I can come up with.

@iamdoubz commented on GitHub (Mar 9, 2020): Okay. Thank you for this info. But, that is the reason that the authentication fails. It goes to the root to get credentials and does not "pass" them to the subpath as we are using and I'm afraid that this is what is causing the issue. I will dive into your provided config file (again, thank you for providing it) and see what I can come up with.

GiteaMirror commented 2025-11-02 05:58:44 -06:00

Author

Owner

Copy Link

@stale[bot] commented on GitHub (May 9, 2020):

This issue has been automatically marked as stale because it has not had recent activity. I am here to help clear issues left open even if solved or waiting for more insight. This issue will be closed if no further activity occurs during the next 2 weeks. If the issue is still valid just add a comment to keep it alive. Thank you for your contributions.

@stale[bot] commented on GitHub (May 9, 2020): This issue has been automatically marked as stale because it has not had recent activity. I am here to help clear issues left open even if solved or waiting for more insight. This issue will be closed if no further activity occurs during the next 2 weeks. If the issue is still valid just add a comment to keep it alive. Thank you for your contributions.

GiteaMirror commented 2025-11-02 05:58:44 -06:00

Author

Owner

Copy Link

@stale[bot] commented on GitHub (May 23, 2020):

This issue has been automatically closed because of inactivity. You can re-open it if needed.

@stale[bot] commented on GitHub (May 23, 2020): This issue has been automatically closed because of inactivity. You can re-open it if needed.

GiteaMirror referenced this issue 2025-11-02 13:30:31 -06:00

[PR #4664] [MERGED] Don't disclose emails of all users when sending out emails #17454

GiteaMirror referenced this issue 2025-11-02 13:40:08 -06:00

[PR #4784] [MERGED] Don't disclose emails of all users when sending out emails #17495

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

release/v1.25

release/v1.24

release/v1.23

release/v1.22

release/v1.21

release/v1.20

release/v1.19

release/v1.18

release/v1.17

release/v1.16

release/v1.15

release/v1.14

release/v1.13

release/v1.12

release/v1.11

release/v1.10

release/v1.9

release/v1.8

v1.25.3

v1.25.2

v1.25.1

v1.25.0

v1.24.7

v1.25.0-rc0

v1.26.0-dev

v1.24.6

v1.24.5

v1.24.4

v1.24.3

v1.24.2

v1.24.1

v1.24.0

v1.23.8

v1.24.0-rc0

v1.25.0-dev

v1.23.7

v1.23.6

v1.23.5

v1.23.4

v1.23.3

v1.23.2

v1.23.1

v1.23.0

v1.23.0-rc0

v1.24.0-dev

v1.22.6

v1.22.5

v1.22.4

v1.22.3

v1.22.2

v1.22.1

v1.22.0

v1.23.0-dev

v1.22.0-rc1

v1.21.11

v1.22.0-rc0

v1.21.10

v1.21.9

v1.21.8

v1.21.7

v1.21.6

v1.21.5

v1.21.4

v1.21.3

v1.21.2

v1.20.6

v1.21.1

v1.21.0

v1.21.0-rc2

v1.21.0-rc1

v1.20.5

v1.22.0-dev

v1.21.0-rc0

v1.20.4

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.19.4

v1.21.0-dev

v1.20.0-rc2

v1.20.0-rc1

v1.20.0-rc0

v1.19.3

v1.19.2

v1.19.1

v1.19.0

v1.19.0-rc1

v1.20.0-dev

v1.19.0-rc0

v1.18.5

v1.18.4

v1.18.3

v1.18.2

v1.18.1

v1.18.0

v1.17.4

v1.18.0-rc1

v1.19.0-dev

v1.18.0-rc0

v1.17.3

v1.17.2

v1.17.1

v1.17.0

v1.17.0-rc2

v1.16.9

v1.17.0-rc1

v1.18.0-dev

v1.16.8

v1.16.7

v1.16.6

v1.16.5

v1.16.4

v1.16.3

v1.16.2

v1.16.1

v1.16.0

v1.15.11

v1.17.0-dev

v1.16.0-rc1

v1.15.10

v1.15.9

v1.15.8

v1.15.7

v1.15.6

v1.15.5

v1.15.4

v1.15.3

v1.15.2

v1.15.1

v1.14.7

v1.15.0

v1.15.0-rc3

v1.14.6

v1.15.0-rc2

v1.14.5

v1.16.0-dev

v1.15.0-rc1

v1.14.4

v1.14.3

v1.14.2

v1.14.1

v1.14.0

v1.13.7

v1.14.0-rc2

v1.13.6

v1.13.5

v1.14.0-rc1

v1.15.0-dev

v1.13.4

v1.13.3

v1.13.2

v1.13.1

v1.13.0

v1.12.6

v1.13.0-rc2

v1.14.0-dev

v1.13.0-rc1

v1.12.5

v1.12.4

v1.12.3

v1.12.2

v1.12.1

v1.11.8

v1.12.0

v1.11.7

v1.12.0-rc2

v1.11.6

v1.12.0-rc1

v1.13.0-dev

v1.11.5

v1.11.4

v1.11.3

v1.10.6

v1.12.0-dev

v1.11.2

v1.10.5

v1.11.1

v1.10.4

v1.11.0

v1.11.0-rc2

v1.10.3

v1.11.0-rc1

v1.10.2

v1.10.1

v1.10.0

v1.9.6

v1.9.5

v1.10.0-rc2

v1.11.0-dev

v1.10.0-rc1

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-rc2

v1.10.0-dev

v1.9.0-rc1

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.8.0-rc3

v1.7.6

v1.8.0-rc2

v1.7.5

v1.8.0-rc1

v1.9.0-dev

v1.7.4

v1.7.3

v1.7.2

v1.7.1

v1.7.0

v1.7.0-rc3

v1.6.4

v1.7.0-rc2

v1.6.3

v1.7.0-rc1

v1.7.0-dev

v1.6.2

v1.6.1

v1.6.0

v1.6.0-rc2

v1.5.3

v1.6.0-rc1

v1.6.0-dev

v1.5.2

v1.5.1

v1.5.0

v1.5.0-rc2

v1.5.0-rc1

v1.5.0-dev

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.4.0-rc3

v1.4.0-rc2

v1.3.3

v1.4.0-rc1

v1.3.2

v1.3.1

v1.3.0

v1.3.0-rc2

v1.3.0-rc1

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.2.0-rc3

v1.2.0-rc2

v1.1.4

v1.2.0-rc1

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.2

v1.0.1

v1.0.0

v0.9.99

Labels

Clear labels

$20

$250

$50

$500

backport/done

💎 Bounty

docs-update-needed

good first issue

hacktoberfest

issue/bounty

issue/confirmed

issue/critical

issue/duplicate

issue/needs-feedback

issue/not-a-bug

issue/regression

issue/stale

issue/workaround

lgtm/need 2

modifies/api

modifies/translation

outdated/backport/v1.18

outdated/theme/markdown

outdated/theme/timetracker

performance/bigrepo

performance/cpu

performance/memory

performance/speed

pr/breaking

proposal/accepted

proposal/rejected

pr/wip

pull-request

Mirrored from GitHub Pull Request

reviewed/wontfix

💰 Rewarded

skip-changelog

status/blocked

topic/accessibility

topic/api

topic/authentication

topic/build

topic/code-linting

topic/commit-signing

topic/content-rendering

topic/deployment

topic/distribution

topic/federation

topic/gitea-actions

topic/issues

topic/lfs

topic/mobile

topic/moderation

topic/packages

topic/pr

topic/projects

topic/repo

topic/repo-migration

topic/security

topic/theme

topic/ui

topic/ui-interaction

topic/ux

topic/webhooks

topic/wiki

type/bug

type/deprecation

type/docs

type/enhancement

type/feature

type/miscellaneous

type/proposal

type/question

type/refactoring

type/summary

type/testing

type/upstream

No Label issue/stale

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea#4664