I have just installed the 3.0.3 version of Owncloud on a test server, to see if I can use it to “cloudify” some of my files, and I ran into an error that was not documented. After unsuccessful searches, I looked into the code and I finally figured out what was wrong.

When I tried to log in, or when I was logged if I try to modify any of the params in the web interface, the action failed silently, and the Apache logs showed 302 redirections from the page I was trying to access via POST to an other page.

Actually Owncloud uses the superglobal $_SERVER[‘HTTPS’] to guess if HTTPS is enabled. And on my webserver, maybe because I use suPHP and CGI, the $_SERVER[‘HTTPS’] was empty. So when Owncloud tried to check the referer for my POST request, it failed because it considered it was running with HTTP.

Fortunately, there is a simple workaround, as explained here : http://stackoverflow.com/a/6426731.

The key is to add the keywords “SetEnv HTTPS On” in the VirtualHost that is supposed to provide HTTPS, so that PHP could give the application the right information about SSL support.

I hope it will help those who are stuck with this error.

 

Update : I saw that this post have been referenced by a defect on the Owncloud bug tracker. In my opinion the SSL problem described here is the same in the Defect, and it’s not a Owncloud bug, it’s an Apache and/or PHP miscomprehension and/or misconfiguration problem that lead it to not giving the right informations to PHP.

I thought it was a bug, but thinking about how Owncloud handles the SSL information, and thinking about the possible reverse-proxy architecture, it it is probably not. Using $_SERVER[‘HTTPS’] is the right way to do it, Apache should be aware of SSL and give the information to PHP.

Maybe it’s a bad handling of CGI in my Debian and/or Apache and/or suPHP version.