400 Error when downloading files since migration to Seafile 12

Hello!

After the migration from version 10 to version 11, then to version 12, I realized that I cannot download individual files anymore, either from the Android client or the WebUI. This was working properly in version 10.

Here is the seafhttp.access.log file. Notice that individual files do not work; however, I can still download a folder from the WebUI (which is first zipped). I find this strange but I don’t know if it is relevant. Currently, I use this as a workaround to download my files.

root@849c00cbfe78:/var/log/nginx# tail seafhttp.access.log
192.168.1.254 192.168.128.8 [06/Apr/2025:11:34:36 +0200] "GET /seafhttp/repos/4a73649b-2437-459f-86ea-005dfb05ce0a/files//six_mois.md/?op=download HTTP/1.1" 400 144 "https://stockage.example.fr/library/4a73649b-2437-459f-86ea-005dfb05ce0a/Jos%20%26%20John/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0" 0.054
192.168.1.254 192.168.128.8 [06/Apr/2025:11:36:24 +0200] "GET /seafhttp/zip/44e606b5-6128-4fa7-8beb-3ee6011d64d0 HTTP/1.1" 200 20743978 "https://stockage.example.fr/library/4a73649b-2437-459f-86ea-005dfb05ce0a/Jos%20%26%20John/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0" 0.017

This is the response I got on my client:

<!doctype html>
<html lang="en">
<head>
  <title>Bad Request (400)</title>
</head>
<body>
  <h1>Bad Request (400)</h1><p></p>
</body>
</html>

I am currently using the docker setup with image seafileltd/seafile-mc:12.0.11.
I use Traefik as a reverse proxy. I didn’t change any configuration on Traefik or Seafile except the changes required at the OAuth2 level, as stated in the migration documentation.

Since version 12.0, the seaf-server component needs to send internal requests to the seahub component to check permissions.

The issue can be caused by a few different reasons:

  1. ALLOWED_HOSTS configuration in seahub_settings.py does not include 127.0.0.1. You can either remove ALLOWED_HOSTS configuration or add 127.0.0.1 to ALLOWED_HOSTS.
  2. JWT_PRIVATE_KEY not correctly set
  3. Your reverse proxy is not set up correctly

You can find more information at: [BUG] No permission to access file - when downloading any file · Issue #2877 · haiwen/seafile · GitHub

This was indeed coming from ALLOWED_HOSTS.
Previously it was set to only my domain like so.

ALLOWED_HOSTS = ['.example.fr']

Hence, adding the loopback address fixes the download issue.

ALLOWED_HOSTS = ['.example.fr', '127.0.0.1']

I must say, having such a flat 400 error is kind of disturbing given the fix.
I would have been expecting some 403 or 500 instead.
Also, I’ve re-read the upgrade notes for v12 and I did not see anything related to the need to now have 127.0.0.1 in the configuration changes section.

Anyway, thanks for your help and the quick response.

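Added example, not part of the thread and not Seafile or Django source: a simplified model of the Host-header check that Django (the framework seahub_settings.py configures) applies with ALLOWED_HOSTS, showing why the old setting accepted the public name but answered a loopback request with 400. The function names and the `127.0.0.1:8000` Host value for the internal seaf-server to seahub call are assumptions.

```python
# Added example: simplified model of Django's ALLOWED_HOSTS matching.
# Django answers a non-matching Host header with a bare "Bad Request (400)"
# page, which is the response body quoted in the thread above.

def strip_port(host_header):
    """Lower-case a Host header value and drop an optional :port."""
    host = host_header.strip().lower()
    if host.startswith("["):                 # bracketed IPv6 literal, e.g. [::1]
        return host[: host.find("]") + 1]
    return host.partition(":")[0].rstrip(".")


def pattern_matches(host, pattern):
    """'*' matches anything, '.example.fr' matches the domain and all of
    its subdomains, any other pattern must match the host exactly."""
    pattern = pattern.lower()
    if pattern == "*":
        return True
    if pattern.startswith("."):
        return host.endswith(pattern) or host == pattern[1:]
    return host == pattern


def host_allowed(host_header, allowed_hosts):
    host = strip_port(host_header)
    return any(pattern_matches(host, p) for p in allowed_hosts)


def audit(allowed_hosts, host_headers):
    """Map each Host header to the outcome of the host check."""
    return {h: ("pass" if host_allowed(h, allowed_hosts) else "400")
            for h in host_headers}


# Constructed inputs: the public name from the access log above, and the
# loopback Host an internal call is assumed to send (port 8000 is an
# assumption, not taken from the thread).
HOSTS = ["stockage.example.fr", "127.0.0.1:8000"]
BEFORE = [".example.fr"]
AFTER = [".example.fr", "127.0.0.1"]

if __name__ == "__main__":
    print("before:", audit(BEFORE, HOSTS))
    print("after: ", audit(AFTER, HOSTS))
```

Running `audit` over every Host value a deployment is expected to serve, internal ones included, before tightening ALLOWED_HOSTS shows which callers would start receiving 400.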