Problem with users of site from facebook

Only users who click to site link from facebook get 520 error. All work normally if I copy this link to mobile browser. Othe user dont have problems. And strange record in server log "141.101.105.63 - - [28/Mar/2024:15:45:48 +0000] "-" 000 0 "http://m.facebook.com/" "Mozilla/5.0 (Linux; Android 13; 2209116AG Build/TKQ1.221114.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/122.0.6261.136 Mobile Safari/537.36 [FB_IAB/FB4A;FBAV/456.0.0.39.90;] " when i click link in Facebook application Ray ID 86b8d79ebfc15b83 The istructions about facebook from documentation was applied. with disabled cloudflare proxi I have in log record like this "x.x.x.x - - [28/Mar/2024:16:36:55 +0000] "GET /?fbclid=IwAR2rkGF9GzVV_cU8UXlYijTFTq1hf5j5jzhUSOPrcII-Z2rx9XR5xFQ32k8 HTTP/2.0" 200 44185 "https://l.facebook.com/" "Mozilla/5.0 (Linux; Android 13; 2209116AG Build/TKQ1.221114.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/123.0.6312.77 Mobile Safari/537.36 [FB_IAB/FB4A;FBAV/457.0.0.54.84;] [FB_IAB/FB4A;FBAV/457.0.0.54.84;]""
Facebook
Log into Facebook | Facebook
Log into Facebook to start sharing and connecting with your friends, family, and people you know.
Log in or sign up to view
See posts, photos and more on Facebook.
4 Replies
CosmosisT
CosmosisT9mo ago
Sounds like security policy in your headers may be too strict. Your site would block referred users by default to prevent certain attacks. E.g. Facebook link sends you to https://yoursite.com/deleteaccount?key=assad988932903120913490&otherbrute=stuffs If I'm not mistaken check out... strict-origin-when-cross-origin
warunlock
warunlockOP9mo ago
Hm.... thank you
CosmosisT
CosmosisT9mo ago
It's atleast one of the policy headers I believe to be conflicting with referrals. Referrer-Policy!
warunlock
warunlockOP9mo ago
looks like problem in "HTTP/2 to Origin" after disabling all work
Want results from more Discord servers?
Add your server