Panic while enrolling in MFA #6583

Closed
opened 2025-11-02 07:00:12 -06:00 by GiteaMirror · 8 comments
Owner

Originally created by @dabaer on GitHub (Dec 25, 2020).

  • Gitea version (or commit ref): 1.13.0
  • Git version: 2.25.1
  • Operating system: Ubuntu 20.04
  • Install Mode: From Binary
  • Run command: gitea web -c /etc/gitea/app.ini WORK_DIRECTORY=/var/lib/gitea
  • Database (use [x]):
    • [x] PostgreSQL
    • [ ] MySQL
    • [ ] MSSQL
    • [ ] SQLite
  • Can you reproduce the bug at https://try.gitea.io:
    • [ ] Yes (provide example URL)
    • [x] No
  • Log gist:
Started POST /user/settings/security/two_factor/enroll for 127.0.0.1
2020/12/24 18:18:36 ...les/context/panic.go:35:1() [E] PANIC:: interface conversion: interface {} is nil, not string
	/usr/local/go/src/runtime/iface.go:261 (0x41358e)
	/go/src/code.gitea.io/gitea/routers/user/setting/security_twofa.go:192 (0x1d87cfe)
	/usr/local/go/src/reflect/value.go:476 (0x4a5886)
	/usr/local/go/src/reflect/value.go:337 (0x4a4d78)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:177 (0xd819f9)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:137 (0xd813ca)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0xd82f1c)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x1665df4)
	/go/src/code.gitea.io/gitea/modules/context/panic.go:39 (0x1665de5)
	/usr/local/go/src/reflect/value.go:476 (0x4a5886)
	/usr/local/go/src/reflect/value.go:337 (0x4a4d78)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:177 (0xd819f9)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:137 (0xd813ca)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0xd82f1c)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x1619ac4)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/session/session.go:192 (0x1619aad)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:79 (0xd82d92)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0xd81714)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0xd814b9)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0xd82f1c)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0xd94aa5)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/recovery.go:161 (0xd94a98)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/logger.go:40 (0xd86ad7)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0xd81714)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0xd814b9)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0xd82f1c)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x21aa7c4)
	/go/src/code.gitea.io/gitea/routers/routes/routes.go:109 (0x21aa7ae)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:79 (0xd82d92)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0xd81714)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0xd814b9)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0xd82f1c)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/router.go:187 (0xd95cf0)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/router.go:294 (0xd8f52f)
	/go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/macaron.go:218 (0xd87e4d)
	/go/src/code.gitea.io/gitea/vendor/github.com/gorilla/context/context.go:141 (0x128ed93)
	/usr/local/go/src/net/http/server.go:2042 (0x777623)
	/usr/local/go/src/net/http/server.go:2843 (0x77ac22)
	/usr/local/go/src/net/http/server.go:1925 (0x77642c)
	/usr/local/go/src/runtime/asm_amd64.s:1374 (0x478820)
	
2020/12/24 18:18:36 Completed POST /user/settings/security/two_factor/enroll 500 Internal Server Error in 10.84602ms

Description

When attempting to enroll in MFA in a fresh install of Gitea, an HTTP 500 error is shown and the above log is emitted.

This appears to be #13149, however that was resolved on its own. Since it's no longer isolated I figured I should post again.

Edit: This is using the Authy app for TOTP.

GiteaMirror added the issue/needs-feedback label 2025-11-02 07:00:12 -06:00

@lunny commented on GitHub (Dec 26, 2020):

Could you find the log before these like "Unable to save changes to the session: "?


@zeripath commented on GitHub (Dec 26, 2020):

The panic is occurring here:

https://github.com/go-gitea/gitea/blob/d551152582028b1e42d663cf1bc1e9a3a7e38b1e/routers/user/setting/security_twofa.go#L192

The error implies that ctx.Session.Get("twofaSecret") returns nil not a string.

Why might this occur?

Well it shouldn't be possible to get to this page without that twofaSecret being set within the session as it will be set in twofaGenerateSecretAndQr unless there is a log.Error("Unable to save changes to the session: %v", err)

So as @lunny suggests, could you check the preceding logs for a Unable to save changes to the session: line? That would help us to find out where the issue is.

If there is not a log line like that then we need to think again but we can't proceed further without knowing if that occurs.


@dabaer commented on GitHub (Dec 28, 2020):

Apologies for the delay, Christmas and all.

I searched the log and found the error log as I had sent originally, but there was no line containing Unable to save changes to session.

Frustratingly, after coming back to it today I was able to add the factor successfully. Unfortunately nothing really changed, I started the server under the same conditions as before (in the foreground via CLI) after it had been running since as a system service (same as before).

I will close this as I can't reproduce this, and thank you for helping thus far. I will re-open if I manage to encounter it again with a full log.


@ashmckenzie commented on GitHub (Jan 14, 2021):

I just hit this issue also with 1.13.1. For me, the issue only occurs when PROTOCOL = https is set within the app.ini file as when I switch back to PROTOCOL = http I don't see the error.


@zeripath commented on GitHub (Jan 17, 2021):

@ashmckenzie we need the logs if we're going to progress this at all as stated https://github.com/go-gitea/gitea/issues/14144#issuecomment-751396178


@ashmckenzie commented on GitHub (Jan 18, 2021):

@zeripath this is what I see in the logs with debugging enabled:

2021/01/18 12:03:29 Started POST /user/settings/security/two_factor/enroll for 172.17.0.1
2021/01/18 12:03:29 ...s/context/context.go:332:func1() [D] Session ID: <removed>
2021/01/18 12:03:29 ...s/context/context.go:333:func1() [D] CSRF Token: <removed>
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x166b1d4)
        /go/src/code.gitea.io/gitea/modules/context/panic.go:39 (0x166b1c5)
        /usr/local/go/src/reflect/value.go:476 (0x4a4e26)
        /usr/local/go/src/reflect/value.go:337 (0x4a4318)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:177 (0xd86739)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:137 (0xd8610a)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0xd87c5c)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x161eea4)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/session/session.go:192 (0x161ee8d)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:79 (0xd87ad2)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0xd86454)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0xd861f9)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0xd87c5c)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0xd997e5)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/recovery.go:161 (0xd997d8)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/logger.go:40 (0xd8b817)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0xd86454)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0xd861f9)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0xd87c5c)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x21b0f24)
        /go/src/code.gitea.io/gitea/routers/routes/routes.go:109 (0x21b0f0e)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:79 (0xd87ad2)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0xd86454)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0xd861f9)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0xd87c5c)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/router.go:187 (0xd9aa30)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/router.go:294 (0xd9426f)
        /go/src/code.gitea.io/gitea/vendor/gitea.com/macaron/macaron/macaron.go:218 (0xd8cb8d)
        /go/src/code.gitea.io/gitea/vendor/github.com/gorilla/context/context.go:141 (0x1293fd3)
        /usr/local/go/src/net/http/server.go:2042 (0x77b883)
        /usr/local/go/src/net/http/server.go:2843 (0x77ee82)
        /usr/local/go/src/net/http/server.go:1925 (0x77a68c)
        /usr/local/go/src/runtime/asm_amd64.s:1374 (0x477dc0)

2021/01/18 12:03:29 ...s/context/context.go:139:HTML() [D] Template: status/500
2021/01/18 12:03:29 Completed POST /user/settings/security/two_factor/enroll 500 Internal Server Error in 7.260135ms

After a bit of trial and error, I discovered when https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/ is installed and the 'Scams' toggle is enabled, this results in the 500 being produced:

[Screenshot "Monosnap 2021-01-18 11-57-32": https://user-images.githubusercontent.com/9525/104861559-6f223500-5984-11eb-95d1-6423d8f465d1.png]

When I disable the 'Scams' toggle, everything works as expected.

> So as @lunny suggests, could you check the preceding logs for a Unable to save changes to the session: line? That would help us to find out where the issue is.

I don't see anything in the logs saying Unable to save changes to the session:


@ashmckenzie commented on GitHub (Jan 18, 2021):

I cloned this repo, checked out v1.13.1 and was able to replicate:

2021/01/18 12:34:17 Started POST /user/settings/security/two_factor/enroll for 127.0.0.1
2021/01/18 12:34:17 ...s/context/context.go:332:func1() [D] Session ID: e6a55fa994ded52b
2021/01/18 12:34:17 ...s/context/context.go:333:func1() [D] CSRF Token: TP4vwFjSw2rIdrB5aTkbaODmWYM6MTYxMDkzMzY1MDEzNTczMTAwMA
2021/01/18 12:34:17 ...les/context/panic.go:35:1() [E] PANIC:: interface conversion: interface {} is nil, not string
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/runtime/iface.go:261 (0x400ff0e)
		panicdottypeE: panic(&TypeAssertionError{iface, have, want, ""})
	/Users/ash/src/personal/external/gitea/routers/user/setting/security_twofa.go:192 (0x5989e1e)
		EnrollTwoFactorPost: secret := ctx.Session.Get("twofaSecret").(string)
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/reflect/value.go:476 (0x40a1746)
		Value.call: call(frametype, fn, args, uint32(frametype.size), uint32(retOffset))
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/reflect/value.go:337 (0x40a0c38)
		Value.Call: return v.call("Call", in)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:177 (0x49831d9)
		(*injector).callInvoke: return reflect.ValueOf(f).Call(in), nil
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:137 (0x4982baa)
		(*injector).Invoke: return inj.callInvoke(f, t, t.NumIn())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x49846fc)
		(*Context).run: vals, err := c.Invoke(c.handler())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x5267af4)
		(*Context).Next: c.run()
	/Users/ash/src/personal/external/gitea/modules/context/panic.go:39 (0x5267ae5)
		Recovery.func1: ctx.Next()
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/reflect/value.go:476 (0x40a1746)
		Value.call: call(frametype, fn, args, uint32(frametype.size), uint32(retOffset))
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/reflect/value.go:337 (0x40a0c38)
		Value.Call: return v.call("Call", in)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:177 (0x49831d9)
		(*injector).callInvoke: return reflect.ValueOf(f).Call(in), nil
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:137 (0x4982baa)
		(*injector).Invoke: return inj.callInvoke(f, t, t.NumIn())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x49846fc)
		(*Context).run: vals, err := c.Invoke(c.handler())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x521b7c4)
		(*Context).Next: c.run()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/session/session.go:192 (0x521b7ad)
		Sessioner.func1: ctx.Next()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:79 (0x4984572)
		ContextInvoker.Invoke: invoke(params[0].(*Context))
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0x4982ef4)
		(*injector).fastInvoke: return f.Invoke(in)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0x4982c99)
		(*injector).Invoke: return inj.fastInvoke(v, t, t.NumIn())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x49846fc)
		(*Context).run: vals, err := c.Invoke(c.handler())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x4996285)
		(*Context).Next: c.run()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/recovery.go:161 (0x4996278)
		Recovery.func1: c.Next()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/logger.go:40 (0x49882b7)
		LoggerInvoker.Invoke: invoke(params[0].(*Context), params[1].(*log.Logger))
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0x4982ef4)
		(*injector).fastInvoke: return f.Invoke(in)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0x4982c99)
		(*injector).Invoke: return inj.fastInvoke(v, t, t.NumIn())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x49846fc)
		(*Context).run: vals, err := c.Invoke(c.handler())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x5dad724)
		(*Context).Next: c.run()
	/Users/ash/src/personal/external/gitea/routers/routes/routes.go:109 (0x5dad70e)
		RouterHandler.func1: ctx.Next()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:79 (0x4984572)
		ContextInvoker.Invoke: invoke(params[0].(*Context))
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0x4982ef4)
		(*injector).fastInvoke: return f.Invoke(in)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0x4982c99)
		(*injector).Invoke: return inj.fastInvoke(v, t, t.NumIn())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x49846fc)
		(*Context).run: vals, err := c.Invoke(c.handler())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/router.go:187 (0x49974d0)
		(*Router).Handle.func1: c.run()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/router.go:294 (0x4990d0f)
		(*Router).ServeHTTP: leaf.handle(rw, req, nil)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/macaron.go:218 (0x498962d)
		(*Macaron).ServeHTTP: m.Router.ServeHTTP(rw, req)
	/Users/ash/src/personal/external/gitea/vendor/github.com/gorilla/context/context.go:141 (0x4e90a73)
		ClearHandler.func1: h.ServeHTTP(w, r)
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/net/http/server.go:2042 (0x43784a3)
		HandlerFunc.ServeHTTP: f(w, r)
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/net/http/server.go:2843 (0x437baa2)
		serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/net/http/server.go:1925 (0x43772ac)
		(*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/runtime/asm_amd64.s:1374 (0x4074800)
		goexit: BYTE	$0x90	// NOP

2021/01/18 12:34:17 ...s/context/context.go:139:HTML() [D] Template: status/500
2021/01/18 12:34:17 Completed POST /user/settings/security/two_factor/enroll 500 Internal Server Error in 18.599542ms

Poking around with spew, I inspected a few things:

diff --git a/routers/user/setting/security_twofa.go b/routers/user/setting/security_twofa.go
index 4ee698e15..1f8790c80 100644
--- a/routers/user/setting/security_twofa.go
+++ b/routers/user/setting/security_twofa.go
@@ -18,6 +18,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 
+	"github.com/davecgh/go-spew/spew"
 	"github.com/pquerna/otp"
 	"github.com/pquerna/otp/totp"
 )
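Review bot: the added `github.com/davecgh/go-spew/spew` import is a debugging-only dependency that this diff uses solely for the two `spew.Dump` calls; it is fine for a local reproduction, but it is not in the vendored tree and should not be part of any change proposed as a fix. Keep this hunk local and drop the import before submitting anything.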
@@ -131,6 +132,9 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
 		return false
 	}
 
+	secret := ctx.Session.Get("twofaSecret")
+	spew.Dump(secret)
+
 	// Here we're just going to try to release the session early
 	if err := ctx.Session.Release(); err != nil {
 		// we'll tolerate errors here as they *should* get saved elsewhere
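Review bot: `spew.Dump(secret)` in `twofaGenerateSecretAndQr` writes the raw TOTP seed to stdout in clear (the later log excerpt shows the full 64-character secret), so this must remain a throwaway debug patch and never reach a production log. If a trace is needed for the investigation, log only whether the value is present and its dynamic type through the already imported `code.gitea.io/gitea/modules/log`, e.g. `log.Debug("twofaSecret present: %t (%T)", secret != nil, secret)`, which answers the question asked in this thread without exposing the secret.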
@@ -189,7 +193,10 @@ func EnrollTwoFactorPost(ctx *context.Context, form auth.TwoFactorAuthForm) {
 		return
 	}
 
-	secret := ctx.Session.Get("twofaSecret").(string)
+	secretRaw := ctx.Session.Get("twofaSecret")
+	spew.Dump(secretRaw)
+	secret := secretRaw.(string)
+
 	if !totp.Validate(form.Passcode, secret) {
 		if !twofaGenerateSecretAndQr(ctx) {
 			return
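Review bot: `secret := secretRaw.(string)` keeps the single-value type assertion, so `EnrollTwoFactorPost` still panics into a 500 whenever the session key is missing, and the dump on the line above already demonstrates that `secretRaw` can be `<nil>`. Use the two-value form `secret, ok := secretRaw.(string)` and, when `!ok`, take the existing retry path below (regenerate via `twofaGenerateSecretAndQr(ctx)` and return) instead of letting the assertion crash the request. The `spew.Dump(secretRaw)` has the same clear-text secret exposure as the dump in the previous hunk.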

So twofaSecret is definitely being set in twofaGenerateSecretAndQr():

2021/01/18 12:46:22 Started GET /user/settings/security/two_factor/enroll for [::1]
2021/01/18 12:46:22 ...s/context/context.go:332:func1() [D] Session ID: e4caaa2fecf66e50
2021/01/18 12:46:22 ...s/context/context.go:333:func1() [D] CSRF Token: 2DJMrG_lojPkdmUpJS6-gzHJMJM6MTYxMDkzNDM2OTY2NzY0MzAwMA
(string) (len=64) "3VB6QWMVPINC7GCBHURBZWBPTT67PJTB24CYCZJRT5PSQO5PLUV7UV23JP2SUZLP"
2021/01/18 12:46:22 ...s/context/context.go:139:HTML() [D] Template: user/settings/twofa_enroll
2021/01/18 12:46:22 Completed GET /user/settings/security/two_factor/enroll 200 OK in 38.865958ms

But is not available in EnrollTwoFactorPost():

2021/01/18 12:48:02 Started POST /user/settings/security/two_factor/enroll for [::1]
2021/01/18 12:48:02 ...s/context/context.go:332:func1() [D] Session ID: e4caaa2fecf66e50
2021/01/18 12:48:02 ...s/context/context.go:333:func1() [D] CSRF Token: 2DJMrG_lojPkdmUpJS6-gzHJMJM6MTYxMDkzNDM2OTY2NzY0MzAwMA
(interface {}) <nil>
2021/01/18 12:48:02 ...les/context/panic.go:35:1() [E] PANIC:: interface conversion: interface {} is nil, not string
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/runtime/iface.go:261 (0x4010a6e)
		panicdottypeE: panic(&TypeAssertionError{iface, have, want, ""})
	/Users/ash/src/personal/external/gitea/routers/user/setting/security_twofa.go:198 (0x5993e1e)
		EnrollTwoFactorPost: secret := secretRaw.(string)
--snip--
2021/01/18 12:48:02 ...s/context/context.go:139:HTML() [D] Template: status/500
2021/01/18 12:48:02 Completed POST /user/settings/security/two_factor/enroll 500 Internal Server Error in 19.246833ms
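The mechanism the comments above identify, an unchecked `ctx.Session.Get("twofaSecret").(string)` that panics into a 500 when the session value is nil on the POST, reduced to a runnable Go program. This is an added illustration, not Gitea or macaron code: the `Session` type, `EnrollUnchecked`, `EnrollChecked`, `ErrNoPendingSecret` and the sample secret are constructed here; only the session key name and the resulting panic message come from the thread. `EnrollChecked` shows the two-value assertion a handler should use so that a lost or missing session value becomes an ordinary error rather than a crash.

```go
package main

import (
	"errors"
	"fmt"
)

// Session is a stand-in for the narrow part of the macaron session API the
// enrollment handlers in the thread touch. Get returns the untyped nil for a
// key that was never stored or that did not survive between two requests,
// which is exactly the state the POST handler hit. Constructed for this example.
type Session map[string]interface{}

// Get returns the stored value, or nil when the key is absent.
func (s Session) Get(key string) interface{} { return s[key] }

// Set stores a value under key.
func (s Session) Set(key string, v interface{}) { s[key] = v }

// ErrNoPendingSecret is returned when enrollment is posted without a secret
// from a preceding GET; the caller should restart enrollment, not crash.
var ErrNoPendingSecret = errors.New("no pending TOTP secret in session; restart enrollment")

// EnrollUnchecked mirrors the pattern at security_twofa.go:192 in the thread:
// a single-value type assertion on the session value. With an absent key the
// assertion panics; the deferred recover only converts that panic into an
// error so the behaviour can be observed without a web server.
func EnrollUnchecked(sess Session) (secret string, err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("panic recovered: %v", r)
		}
	}()
	secret = sess.Get("twofaSecret").(string)
	return secret, nil
}

// EnrollChecked is the defensive form: the two-value assertion turns a
// missing, empty or wrongly typed session value into a normal error that a
// handler can map to a redirect back to the enrollment page instead of a 500.
func EnrollChecked(sess Session) (string, error) {
	raw := sess.Get("twofaSecret")
	secret, ok := raw.(string)
	if !ok || secret == "" {
		return "", ErrNoPendingSecret
	}
	return secret, nil
}

func main() {
	// Constructed sample: a placeholder seed, not a real enrollment secret.
	const sampleSecret = "EXAMPLESECRETBASE32EXAMPLESECRET"

	// 1. Normal flow: the GET handler stored the secret, the POST reads it back.
	good := Session{}
	good.Set("twofaSecret", sampleSecret)
	s, err := EnrollChecked(good)
	fmt.Printf("checked, secret present: %q err=%v\n", s, err)

	// 2. The thread's failure: same session, but the key did not survive.
	lost := Session{}
	_, err = EnrollUnchecked(lost)
	fmt.Println("unchecked, secret missing:", err)
	_, err = EnrollChecked(lost)
	fmt.Println("checked, secret missing:", err)
}
```

Run it with `go run`. The checked form does not fix the underlying question in this thread (why the value written during the GET is gone by the POST under `PROTOCOL = https` or with the browser extension active); it only ensures that a missing session key produces a controlled error and a fresh enrollment attempt rather than a panic, a 500 and a stack trace in the log, which is the failure mode a defender wants to rule out regardless of the session backend.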
@ashmckenzie commented on GitHub (Jan 18, 2021):

I cloned this repo, checked out `v1.13.1` and was able to replicate:

```
2021/01/18 12:34:17 Started POST /user/settings/security/two_factor/enroll for 127.0.0.1
2021/01/18 12:34:17 ...s/context/context.go:332:func1() [D] Session ID: e6a55fa994ded52b
2021/01/18 12:34:17 ...s/context/context.go:333:func1() [D] CSRF Token: TP4vwFjSw2rIdrB5aTkbaODmWYM6MTYxMDkzMzY1MDEzNTczMTAwMA
2021/01/18 12:34:17 ...les/context/panic.go:35:1() [E] PANIC:: interface conversion: interface {} is nil, not string
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/runtime/iface.go:261 (0x400ff0e)
		panicdottypeE: panic(&TypeAssertionError{iface, have, want, ""})
	/Users/ash/src/personal/external/gitea/routers/user/setting/security_twofa.go:192 (0x5989e1e)
		EnrollTwoFactorPost: secret := ctx.Session.Get("twofaSecret").(string)
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/reflect/value.go:476 (0x40a1746)
		Value.call: call(frametype, fn, args, uint32(frametype.size), uint32(retOffset))
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/reflect/value.go:337 (0x40a0c38)
		Value.Call: return v.call("Call", in)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:177 (0x49831d9)
		(*injector).callInvoke: return reflect.ValueOf(f).Call(in), nil
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:137 (0x4982baa)
		(*injector).Invoke: return inj.callInvoke(f, t, t.NumIn())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x49846fc)
		(*Context).run: vals, err := c.Invoke(c.handler())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x5267af4)
		(*Context).Next: c.run()
	/Users/ash/src/personal/external/gitea/modules/context/panic.go:39 (0x5267ae5)
		Recovery.func1: ctx.Next()
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/reflect/value.go:476 (0x40a1746)
		Value.call: call(frametype, fn, args, uint32(frametype.size), uint32(retOffset))
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/reflect/value.go:337 (0x40a0c38)
		Value.Call: return v.call("Call", in)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:177 (0x49831d9)
		(*injector).callInvoke: return reflect.ValueOf(f).Call(in), nil
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:137 (0x4982baa)
		(*injector).Invoke: return inj.callInvoke(f, t, t.NumIn())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x49846fc)
		(*Context).run: vals, err := c.Invoke(c.handler())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x521b7c4)
		(*Context).Next: c.run()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/session/session.go:192 (0x521b7ad)
		Sessioner.func1: ctx.Next()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:79 (0x4984572)
		ContextInvoker.Invoke: invoke(params[0].(*Context))
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0x4982ef4)
		(*injector).fastInvoke: return f.Invoke(in)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0x4982c99)
		(*injector).Invoke: return inj.fastInvoke(v, t, t.NumIn())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x49846fc)
		(*Context).run: vals, err := c.Invoke(c.handler())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x4996285)
		(*Context).Next: c.run()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/recovery.go:161 (0x4996278)
		Recovery.func1: c.Next()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/logger.go:40 (0x49882b7)
		LoggerInvoker.Invoke: invoke(params[0].(*Context), params[1].(*log.Logger))
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0x4982ef4)
		(*injector).fastInvoke: return f.Invoke(in)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0x4982c99)
		(*injector).Invoke: return inj.fastInvoke(v, t, t.NumIn())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x49846fc)
		(*Context).run: vals, err := c.Invoke(c.handler())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:112 (0x5dad724)
		(*Context).Next: c.run()
	/Users/ash/src/personal/external/gitea/routers/routes/routes.go:109 (0x5dad70e)
		RouterHandler.func1: ctx.Next()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:79 (0x4984572)
		ContextInvoker.Invoke: invoke(params[0].(*Context))
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:157 (0x4982ef4)
		(*injector).fastInvoke: return f.Invoke(in)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/inject/inject.go:135 (0x4982c99)
		(*injector).Invoke: return inj.fastInvoke(v, t, t.NumIn())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/context.go:121 (0x49846fc)
		(*Context).run: vals, err := c.Invoke(c.handler())
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/router.go:187 (0x49974d0)
		(*Router).Handle.func1: c.run()
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/router.go:294 (0x4990d0f)
		(*Router).ServeHTTP: leaf.handle(rw, req, nil)
	/Users/ash/src/personal/external/gitea/vendor/gitea.com/macaron/macaron/macaron.go:218 (0x498962d)
		(*Macaron).ServeHTTP: m.Router.ServeHTTP(rw, req)
	/Users/ash/src/personal/external/gitea/vendor/github.com/gorilla/context/context.go:141 (0x4e90a73)
		ClearHandler.func1: h.ServeHTTP(w, r)
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/net/http/server.go:2042 (0x43784a3)
		HandlerFunc.ServeHTTP: f(w, r)
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/net/http/server.go:2843 (0x437baa2)
		serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/net/http/server.go:1925 (0x43772ac)
		(*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/runtime/asm_amd64.s:1374 (0x4074800)
		goexit: BYTE $0x90 // NOP
2021/01/18 12:34:17 ...s/context/context.go:139:HTML() [D] Template: status/500
2021/01/18 12:34:17 Completed POST /user/settings/security/two_factor/enroll 500 Internal Server Error in 18.599542ms
```

Poking around with `spew`, I inspected a few things:

```diff
diff --git a/routers/user/setting/security_twofa.go b/routers/user/setting/security_twofa.go
index 4ee698e15..1f8790c80 100644
--- a/routers/user/setting/security_twofa.go
+++ b/routers/user/setting/security_twofa.go
@@ -18,6 +18,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 
+	"github.com/davecgh/go-spew/spew"
 	"github.com/pquerna/otp"
 	"github.com/pquerna/otp/totp"
 )
@@ -131,6 +132,9 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
 		return false
 	}
 
+	secret := ctx.Session.Get("twofaSecret")
+	spew.Dump(secret)
+
 	// Here we're just going to try to release the session early
 	if err := ctx.Session.Release(); err != nil {
 		// we'll tolerate errors here as they *should* get saved elsewhere
@@ -189,7 +193,10 @@ func EnrollTwoFactorPost(ctx *context.Context, form auth.TwoFactorAuthForm) {
 		return
 	}
 
-	secret := ctx.Session.Get("twofaSecret").(string)
+	secretRaw := ctx.Session.Get("twofaSecret")
+	spew.Dump(secretRaw)
+	secret := secretRaw.(string)
+
 	if !totp.Validate(form.Passcode, secret) {
 		if !twofaGenerateSecretAndQr(ctx) {
 			return
```

So `twofaSecret` is definitely being set in `twofaGenerateSecretAndQr()`:

```
2021/01/18 12:46:22 Started GET /user/settings/security/two_factor/enroll for [::1]
2021/01/18 12:46:22 ...s/context/context.go:332:func1() [D] Session ID: e4caaa2fecf66e50
2021/01/18 12:46:22 ...s/context/context.go:333:func1() [D] CSRF Token: 2DJMrG_lojPkdmUpJS6-gzHJMJM6MTYxMDkzNDM2OTY2NzY0MzAwMA
(string) (len=64) "3VB6QWMVPINC7GCBHURBZWBPTT67PJTB24CYCZJRT5PSQO5PLUV7UV23JP2SUZLP"
2021/01/18 12:46:22 ...s/context/context.go:139:HTML() [D] Template: user/settings/twofa_enroll
2021/01/18 12:46:22 Completed GET /user/settings/security/two_factor/enroll 200 OK in 38.865958ms
```

But it is not available in `EnrollTwoFactorPost()`:

```
2021/01/18 12:48:02 Started POST /user/settings/security/two_factor/enroll for [::1]
2021/01/18 12:48:02 ...s/context/context.go:332:func1() [D] Session ID: e4caaa2fecf66e50
2021/01/18 12:48:02 ...s/context/context.go:333:func1() [D] CSRF Token: 2DJMrG_lojPkdmUpJS6-gzHJMJM6MTYxMDkzNDM2OTY2NzY0MzAwMA
(interface {}) <nil>
2021/01/18 12:48:02 ...les/context/panic.go:35:1() [E] PANIC:: interface conversion: interface {} is nil, not string
	/Users/ash/.asdf/installs/golang/1.15.5/go/src/runtime/iface.go:261 (0x4010a6e)
		panicdottypeE: panic(&TypeAssertionError{iface, have, want, ""})
	/Users/ash/src/personal/external/gitea/routers/user/setting/security_twofa.go:198 (0x5993e1e)
		EnrollTwoFactorPost: secret := secretRaw.(string)
--snip--
2021/01/18 12:48:02 ...s/context/context.go:139:HTML() [D] Template: status/500
2021/01/18 12:48:02 Completed POST /user/settings/security/two_factor/enroll 500 Internal Server Error in 19.246833ms
```
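Review bot: the `spew.Dump(secret)` added in the twofaGenerateSecretAndQr hunk writes the raw TOTP seed to the server log (the 64-character base32 value is visible in the GET trace above). That is acceptable for a throwaway local debug build, but this hunk, the matching `spew.Dump(secretRaw)` in the next hunk and the `go-spew` import must not survive into a submitted change, and a log file that captured the dump should be handled as if it contained a credential.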
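Review bot: in the EnrollTwoFactorPost hunk, `secret := secretRaw.(string)` keeps the single-value assertion, so a nil session value still panics and produces the 500 shown at security_twofa.go:198 in the second trace. Use the two-value form, `secret, ok := secretRaw.(string)`, and when `!ok` (or the string is empty) take the same recovery path the hunk already uses for a failed `totp.Validate`: call `twofaGenerateSecretAndQr(ctx)` and re-render the enrolment form with an error rather than letting the handler crash.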
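The nil-safe form of the check that the panic above calls for, as an added example that is not Gitea's code: `get` stands in for `ctx.Session.Get` (an assumed signature), the TOTP check is a standard-library HMAC-SHA1, 30-second-step implementation of what `totp.Validate` does with default parameters, and the secret is the unpadded base32 string the GET trace shows.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/base32"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

var errNoSecret = errors.New("twofa: no TOTP secret in session")
var errPasscode = errors.New("twofa: passcode mismatch")

// totpCode returns the 6-digit RFC 6238 code for a base32 (unpadded) secret
// at time t, using HMAC-SHA1 and a 30-second step.
func totpCode(secret string, t time.Time) (string, error) {
	key, err := base32.StdEncoding.WithPadding(base32.NoPadding).DecodeString(secret)
	if err != nil {
		return "", err
	}
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], uint64(t.Unix()/30))
	mac := hmac.New(sha1.New, key)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f // dynamic truncation, RFC 4226 section 5.3
	code := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", code%1000000), nil
}

// validateEnrollment mirrors the EnrollTwoFactorPost check. get stands in
// for ctx.Session.Get (assumed). The two-value assertion turns a nil or
// non-string session entry into errNoSecret, which the handler can answer
// by regenerating the secret and re-rendering the form instead of a 500.
func validateEnrollment(get func(string) interface{}, passcode string, now time.Time) error {
	secret, ok := get("twofaSecret").(string)
	if !ok || secret == "" {
		return errNoSecret
	}
	want, err := totpCode(secret, now)
	if err != nil {
		return err
	}
	if !hmac.Equal([]byte(want), []byte(passcode)) { // constant-time compare
		return errPasscode
	}
	return nil
}
```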

@zeripath commented on GitHub (Jan 20, 2021):

I missed the Malwarebytes thing. Is there any way we can not fall foul of this?

Reference: github-starred/gitea#6583