Page MenuHomePhabricator

Phabricator shows no images but 403 error as the used internet provider is an active Zero partner
Closed, DuplicatePublic

Description

When I come on phabricator, I no see logo and my profile picture.
When I go on https://phab.wmfusercontent.org/file/data/fvjs4shqlwzt4f6lojo4/PHID-FILE-7nt7o34nd6cgzw2ipdow/profile I got:

Error

Our servers are currently under maintenance or experiencing a technical problem. Please try again in a few minutes.

See the error message at the bottom of this page for more information.

If you report this error to the Wikimedia System Administrators, please include the details below.

Request from 109.245.159.208 via cp3010 frontend, Varnish XID 126542914
Upstream caches: cp3010 int
Error: 403, Disallowed at Tue, 02 Jan 2018 19:19:06 GMT

I am not on blacklist https://github.com/wikimedia/puppet/blob/d8fc61177ba6465fc34f409d486f958c1afa4f26/modules/phabricator/files/apache/phabbanlist.conf

T173537#3886490 explains the reasons - https://gerrit.wikimedia.org/r/#/c/363264/ is blocking access here.

Event Timeline

Too, I have not vpn, wikipedia-zero. Adblocker is disabled for all wmf projects.

Aklapper renamed this task from Phabricator no show pictuers to Phabricator shows no images for specific user but a 403 error.Jan 2 2018, 8:11 PM

I contacted my provider Telenor Serbia, per disscusion on irc channel #wikimedia-releng. Support told me to is problem with wikimedia. No with telenor.

@Zoranzoki21 your ISP is a active wikipedia zero member.

Unfortunately, I believe this is expected behavior. Separately from the specific IPs in phabbanlist.conf, all users in Zero IP ranges are currently blocked from accessing uploaded files in Phabricator via https://gerrit.wikimedia.org/r/#/c/363264 (see T168142 for background on the abuse that led to this block).

Aklapper renamed this task from Phabricator shows no images for specific user but a 403 error to Phabricator shows no images but 403 error as the used internet provider is an active Zero partner.Jan 9 2018, 3:47 PM
Aklapper updated the task description. (Show Details)
Kizule reopened this task as Open.EditedJan 9 2018, 6:08 PM

But why I had problem and when I had internet in orion telekom which is not partner with Wikimedia and have not wikipedia zero?? IP range of orion telekom is not included in black list.

You're correct that Orion Telekom is not and appears never to have been a Zero partner.

I would need to see the response headers from a request from an Orion Telekom IP address (any request, e.g., https://sr.wikipedia.org/wiki/Главна_страна, is fine) to begin to understand what could be happening there.

You're correct that Orion Telekom is not and appears never to have been a Zero partner.

I would need to see the response headers from a request from an Orion Telekom IP address (any request, e.g., https://sr.wikipedia.org/wiki/Главна_страна, is fine) to begin to understand what could be happening there.

And with using orion telekom internet and with using telenor internet I have problem only with showing pictuers on phabricator. I tested right now and with using oriontelekom, because my contractual obligation lasts until the 14th in orion.

@Zoranzoki21, using Orion, would you mind visiting https://en.wikipedia.org/w/api.php?action=zeroconfig&type=config and copy/pasting the result here?

Orion:

In JSON is all blank. Without content
In Raw Data is content: {}
In Headers is content:

X-Firefox-Spdy: h2
accept-ranges: bytes
age: 0
backend-timing: D=42945 t=1515526605732399
cache-control: private, must-revalidate, max-age=60
content-disposition: inline; filename="api-result.json"
content-encoding: gzip
content-length: 22
content-type: application/json; charset=utf-8
date: Tue, 09 Jan 2018 19:36:45 GMT
p3p: CP="This is not a P3P policy! See https://en.wikipedia.org/wiki/Special:CentralAutoLogin/P3P for more info."
server: mw1315.eqiad.wmnet
set-cookie: enwikiSession=dv2mhpdt29ueui04otikmblmnoluhv3c; path=/; secure; httponly
enwikiUserID=27692022; expires=Wed, 09-Jan-2019 19:36:45 GMT; Max-Age=31536000; path=/; secure; httponly
enwikiUserName=Zoranzoki21; expires=Wed, 09-Jan-2019 19:36:45 GMT; Max-Age=31536000; path=/; secure; httponly
forceHTTPS=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
forceHTTPS=true; expires=Thu, 08-Feb-2018 19:36:45 GMT; Max-Age=2592000; path=/; domain=.wikipedia.org; httponly
centralauth_User=Zoranzoki21; expires=Wed, 09-Jan-2019 19:36:45 GMT; Max-Age=31536000; path=/; domain=.wikipedia.org; secure; httponly
centralauth_Token=782df63d39e86ab2ea5d5abf8fc94353; expires=Wed, 09-Jan-2019 19:36:45 GMT; Max-Age=31536000; path=/; domain=.wikipedia.org; secure; httponly
centralauth_Session=fcbe8d6a6d08f447bb4db8c347d55a05; path=/; domain=.wikipedia.org; secure; httponly
strict-transport-security: max-age=106384710; includeSubDomains; preload
vary: Accept-Encoding,X-CS,X-Subdomain,X-Forwarded-By,Treat-as-Untrusted,X-Forwarded-Proto,Cookie,Authorization
via: 1.1 varnish-v4, 1.1 varnish-v4, 1.1 varnish-v4
x-analytics: ns=-1;special=Badtitle;loggedIn=1;WMF-Last-Access=09-Jan-2018;WMF-Last-Access-Global=09-Jan-2018;https=1
x-cache: cp1054 pass, cp3040 pass, cp3040 pass
x-cache-status: pass
x-client-ip: 178.253.245.237
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: HHVM/3.18.6-dev
x-varnish: 216541650, 78530760, 194549271

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: sr,sr-RS;q=0.8,sr-CS;q=0.6,en-US;q=0.4,en;q=0.2
Cache-Control: max-age=0
Connection: keep-alive
Cookie: WMF-Last-Access-Global=09-Jan-2018; WMF-Last-Access=09-Jan-2018; forceHTTPS=true; centralauth_User=Zoranzoki21; centralauth_Token=782df63d39e86ab2ea5d5abf8fc94353; enwikiUserID=27692022; enwikiUserName=Zoranzoki21; centralnotice_hide_Wikimania2018InternationalScholarships=%7B%22v%22%3A1%2C%22created%22%3A1515077078%2C%22reason%22%3A%22close%22%7D; VEE=wikitext; edittoolscharsubset=0; GeoIP=RS:00:Belgrade:44.82:20.47:v4; CP=H2; enwikiSession=dv2mhpdt29ueui04otikmblmnoluhv3c; centralauth_Session=fcbe8d6a6d08f447bb4db8c347d55a05
Host: en.wikipedia.org
Referer: https://phabricator.wikimedia.org/T183980
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; rv:57.0) Gecko/20100101 Firefox/57.0

But, from right now I see pictuers normal in orion. I will now move back on telenor.

I am now at telenor, JSON and Raw Data are same results.
Header:

X-Firefox-Spdy: h2
accept-ranges: bytes
age: 0
backend-timing: D=53158 t=1515526826658729
cache-control: private, must-revalidate, max-age=60
content-disposition: inline; filename="api-result.json"
content-encoding: gzip
content-length: 22
content-type: application/json; charset=utf-8
date: Tue, 09 Jan 2018 19:40:26 GMT
server: mw1207.eqiad.wmnet
strict-transport-security: max-age=106384710; includeSubDomains; preload
vary: Accept-Encoding,X-CS,X-Subdomain,X-Forwarded-By,Treat-as-Untrusted,X-Forwarded-Proto,Cookie,Authorization
via: 1.1 varnish-v4, 1.1 varnish-v4, 1.1 varnish-v4
x-analytics: ns=-1;special=Badtitle;loggedIn=1;WMF-Last-Access=09-Jan-2018;WMF-Last-Access-Global=09-Jan-2018;zero=220-01;https=1
x-cache: cp1055 pass, cp3033 pass, cp3043 pass
x-cache-status: pass
x-carrier: 220-01
x-client-ip: 109.245.159.208
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: HHVM/3.18.6-dev
x-varnish: 578739419, 154986960, 656476772

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: sr,sr-RS;q=0.8,sr-CS;q=0.6,en-US;q=0.4,en;q=0.2
Cache-Control: max-age=0
Connection: keep-alive
Cookie: WMF-Last-Access-Global=09-Jan-2018; WMF-Last-Access=09-Jan-2018; forceHTTPS=true; centralauth_User=Zoranzoki21; centralauth_Token=782df63d39e86ab2ea5d5abf8fc94353; enwikiUserID=27692022; enwikiUserName=Zoranzoki21; centralnotice_hide_Wikimania2018InternationalScholarships=%7B%22v%22%3A1%2C%22created%22%3A1515077078%2C%22reason%22%3A%22close%22%7D; VEE=wikitext; edittoolscharsubset=0; GeoIP=RS:00:Belgrade:44.82:20.47:v4; CP=H2; enwikiSession=dv2mhpdt29ueui04otikmblmnoluhv3c; centralauth_Session=fcbe8d6a6d08f447bb4db8c347d55a05
Host: en.wikipedia.org
Referer: https://phabricator.wikimedia.org/T183980
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; rv:57.0) Gecko/20100101 Firefox/57.0

Phabricator finally works as expected. I got SMS message yesterday from my provider about disabling WP Zero at 6th December.. Is it real?

Feel free to contact your provider about messages sent from your provider. :)