[Archivesspace_Users_Group] [EXTERNAL] Re: Apache/httpd interfering with ASpace functionality
Huebschen, Alan M
ahueb2 at uis.edu
Thu Sep 30 09:56:27 EDT 2021
Update to issue:
The problem was with a SSL/TLS setting that is not recommended by the ASpace docs, but one put in place to appease a security scanner:
Header set Content-Security-Policy "object-src 'self'; script-src 'self' 'unsafe-inline'"
When set, this appears to disable some functionality within the staff interface.
-Alan
________________________________
From: archivesspace_users_group-bounces at lyralists.lyrasis.org <archivesspace_users_group-bounces at lyralists.lyrasis.org> on behalf of Huebschen, Alan M <ahueb2 at uis.edu>
Sent: Thursday, September 30, 2021 8:20 AM
To: Archivesspace Users Group
Subject: Re: [Archivesspace_Users_Group] [EXTERNAL] Re: Apache/httpd interfering with ASpace functionality
Hi Blake,
I have checked the apache logs, browser dev console, and archivesspace.out for some sort of related error messages but there is nothing. Nothing has appeared in the httpd log since hours before I started testing this morning. Nothing appears in the browser dev console when I attempt to click the 'Delete' button. I'm rather unsure how to troubleshoot this other than temporarily disabling SSL/TLS through apache and readding my config changes slowly.
-Alan
________________________________
From: archivesspace_users_group-bounces at lyralists.lyrasis.org <archivesspace_users_group-bounces at lyralists.lyrasis.org> on behalf of Blake Carver <blake.carver at lyrasis.org>
Sent: Wednesday, September 29, 2021 12:33 PM
To: Archivesspace Users Group
Subject: [EXTERNAL] Re: [Archivesspace_Users_Group] Apache/httpd interfering with ASpace functionality
Check your Apache logs for errors. Sounds like maybe it's some kind of issue there.
Also, check the browser devtools counsel for errors, they are likely to show up there too.
Also check the archivesspace.out log for errors, might be something in there.
________________________________
From: archivesspace_users_group-bounces at lyralists.lyrasis.org <archivesspace_users_group-bounces at lyralists.lyrasis.org> on behalf of Huebschen, Alan M <ahueb2 at uis.edu>
Sent: Wednesday, September 29, 2021 1:06 PM
To: Archivesspace Users Group <Archivesspace_Users_Group at lyralists.lyrasis.org>
Subject: [Archivesspace_Users_Group] Apache/httpd interfering with ASpace functionality
Good morning,
I have recently been made aware of some issues with functionality in our ArchivesSpace instance. Users are unable to perform some tasks, such as use the "Delete" button to delete records. I have tested my dev and prod copies of ASpace against local and remote DBs. My dev instance works perfectly fine, it does not use Apache/httpd for SSL/TLS but our production instance does. When I bypass Apache/httpd on the production instance, all of the functionality issues vanish.
We are currently running ArchivesSpace v3.1.0 and just upgraded from v2.8.0. The issues began in v2.8.0 and remain after our upgrade to v3.1.0.
Has anyone else run into similar issues with Apache/httpd or Nginx interfering with ASpace functionality? How did you resolve it?
I'm happy to provide more details if needed.
Thank you,
-Alan Huebschen
Brookens Library Information Systems
University of Illinois Springfield
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20210930/ae1ba4b4/attachment.html>
More information about the Archivesspace_Users_Group
mailing list