DaYroXy Comments - Answer Overflow

DaYroXy

Explore posts from servers

RReactiflux HHomarr

Posts Comments

HHomarr

•Created by DaYroXy on 3/10/2024 in #💬・get-help

No supported torrent, even tho qbit is integrated

Never knew that was a thing! now it works 🙂 was a simple CSRF issue thank you

19 replies

HHomarr

•Created by DaYroXy on 3/10/2024 in #💬・get-help

No supported torrent, even tho qbit is integrated

# wget --spider -S http://172.25.0.2:8080
Spider mode enabled. Check if remote file exists.
--2024-03-10 08:47:04--  http://172.25.0.2:8080/
Connecting to 172.25.0.2:8080... connected.
HTTP request sent, awaiting response...
  HTTP/1.1 200 OK
  cache-control: no-store
  connection: keep-alive
  content-length: 1671
  content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'self';
  content-type: text/html
  cross-origin-opener-policy: same-origin
  date: Sun, 10 Mar 2024 08:47:04 GMT
  referrer-policy: same-origin
  x-content-type-options: nosniff
  x-frame-options: SAMEORIGIN
  x-xss-protection: 1; mode=block
Length: 1671 (1.6K) [text/html]
Remote file exists and could contain further links,
but recursion is disabled -- not retrieving.

# wget --spider -S http://172.25.0.2:8080
Spider mode enabled. Check if remote file exists.
--2024-03-10 08:47:04--  http://172.25.0.2:8080/
Connecting to 172.25.0.2:8080... connected.
HTTP request sent, awaiting response...
  HTTP/1.1 200 OK
  cache-control: no-store
  connection: keep-alive
  content-length: 1671
  content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'self';
  content-type: text/html
  cross-origin-opener-policy: same-origin
  date: Sun, 10 Mar 2024 08:47:04 GMT
  referrer-policy: same-origin
  x-content-type-options: nosniff
  x-frame-options: SAMEORIGIN
  x-xss-protection: 1; mode=block
Length: 1671 (1.6K) [text/html]
Remote file exists and could contain further links,
but recursion is disabled -- not retrieving.

that from the homarr container

19 replies

HHomarr

•Created by DaYroXy on 3/10/2024 in #💬・get-help

No supported torrent, even tho qbit is integrated

its already off by default i didn't but in the headers there are no csrf

19 replies

HHomarr

•Created by DaYroXy on 3/10/2024 in #💬・get-help

No supported torrent, even tho qbit is integrated

if you mean in homarr it self i did and tried no luck, also i tried using wget 172.25.0.2:8080 from homarr shell and i got the login html fine too

19 replies

HHomarr

•Created by DaYroXy on 3/10/2024 in #💬・get-help

No supported torrent, even tho qbit is integrated

password is correct, i changed it now to double check also qbit doesnt use csrf i think here are the headers

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 10 Mar 2024 08:40:07 GMT
Content-Type: text/html
Content-Length: 3594
Connection: keep-alive
cache-control: no-store
content-encoding: gzip
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'self';
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Served-By: qbittorrent.lan

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 10 Mar 2024 08:40:07 GMT
Content-Type: text/html
Content-Length: 3594
Connection: keep-alive
cache-control: no-store
content-encoding: gzip
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; script-src 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'self';
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Served-By: qbittorrent.lan