502 error - Authentication popup never shown in browser #213

New Issue

michael · 2026-01-19T18:29:26Z

michael commented

2026-01-19 18:29:26 +00:00

Originally created by @srinisubramanian on GitHub.

I have a private transfer.sh instance running with authentication switched on. The setup is as follows:

transfer.sh running on http://localhost:4000 on Centos 7
Exposed to the internet via nginx with http redirect to https
X-Forwarded-Proto is set so that transfer.sh displays all urls as https

Issue:

When I upload small files of a few KB the browser pop up for auth appears and accepts the user id and password.
When I upload larger files (of a few MB) that take a few seconds to upload, the authentication popup never appears and after a few seconds after reaching 100% a (502) error is displayed like this: Error (502) during upload of file .....
In the transfer.sh server log a 401 error is recorded
The workaround is to first upload a small file, authenticate and then upload the large file and it then works.

Any ideas if this is a config/landscape fix or needs a code change?

Originally created by @srinisubramanian on GitHub. I have a private transfer.sh instance running with authentication switched on. The setup is as follows: 1. transfer.sh running on http://localhost:4000 on Centos 7 2. Exposed to the internet via nginx with http redirect to https 3. X-Forwarded-Proto is set so that transfer.sh displays all urls as https Issue: 1. When I upload small files of a few KB the browser pop up for auth appears and accepts the user id and password. 2. When I upload larger files (of a few MB) that take a few seconds to upload, the authentication popup never appears and after a few seconds after reaching 100% a (502) error is displayed like this: Error (502) during upload of file ..... 3. In the transfer.sh server log a 401 error is recorded 4. The workaround is to first upload a small file, authenticate and then upload the large file and it then works. Any ideas if this is a config/landscape fix or needs a code change?

michael closed this issue

2026-01-19 18:29:26 +00:00

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

after the progress bar in the frontend is complete

I was able to reproduce the issue letting transfer.sh listen on http and use the X-Forwarded-Proto header

in my current setup transer.sh is also listening on https

  location / {
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_pass https://127.0.0.1:4000/;
  }

@paolafrancesca commented on GitHub: after the progress bar in the frontend is complete I was able to reproduce the issue letting transfer.sh listen on http and use the `X-Forwarded-Proto` header in my current setup transer.sh is also listening on https ``` location / { proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_pass https://127.0.0.1:4000/; } ```

michael commented

2026-01-19 18:29:27 +00:00

@srinisubramanian commented on GitHub:

Yes. My setup runs on http. If you can find a fix let me know. Else maybe I need to run internal on a self signed https certificate.

@srinisubramanian commented on GitHub: Yes. My setup runs on http. If you can find a fix let me know. Else maybe I need to run internal on a self signed https certificate.

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

@srinisubramanian I have exactly the same setuo and I couldn't reproduce the issue

can you post your configuration for nginx and the args for transfer.sh?
also, can you test uploading the file directly to transfer.sh with some client that support the authentication challenge?

it seems to be a issue on the nginx side

@paolafrancesca commented on GitHub: @srinisubramanian I have exactly the same setuo and I couldn't reproduce the issue can you post your configuration for nginx and the args for transfer.sh? also, can you test uploading the file directly to transfer.sh with some client that support the authentication challenge? it seems to be a issue on the nginx side

michael commented

2026-01-19 18:29:27 +00:00

@srinisubramanian commented on GitHub:

In your case does the auth pop up immediately on the web page or after the upload is complete?

I will post the config shortly.

@srinisubramanian commented on GitHub: In your case does the auth pop up immediately on the web page or after the upload is complete? I will post the config shortly.

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

if the proxy is on http it has a certificate, so you can use the same on transfer.sh (that's what I do)
I will investigate a little more on the problem

@paolafrancesca commented on GitHub: if the proxy is on http it has a certificate, so you can use the same on transfer.sh (that's what I do) I will investigate a little more on the problem

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

the problem seems to be on how nginx expects response from the server when uploading file.
the transfer.sh upstream is sending a 401 before nginx finishes to upload the file, causing the 502

now I have the same issue even with https upstream

@paolafrancesca commented on GitHub: the problem seems to be on how nginx expects response from the server when uploading file. the transfer.sh upstream is sending a 401 before nginx finishes to upload the file, causing the 502 now I have the same issue even with https upstream

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

https://blog.bigbinary.com/2016/01/07/not-using-https-might-be-breaking-file-uploads.html

@paolafrancesca commented on GitHub: https://blog.bigbinary.com/2016/01/07/not-using-https-might-be-breaking-file-uploads.html

michael commented

2026-01-19 18:29:27 +00:00

@srinisubramanian commented on GitHub:

No luck @aspacca Not working. Still returns the 502 error

Here is my nginx config.

    location / {
            proxy_set_header X-Real-IP  $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $host;
            keepalive_requests 0;
            keepalive_timeout 0s;
            proxy_pass http://127.0.0.1:9400;
            client_max_body_size 100m;
            proxy_read_timeout 600s;
    }

@srinisubramanian commented on GitHub: No luck @aspacca Not working. Still returns the 502 error Here is my nginx config. location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; keepalive_requests 0; keepalive_timeout 0s; proxy_pass http://127.0.0.1:9400; client_max_body_size 100m; proxy_read_timeout 600s; }

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

it should be solved with http upstream and X-Forwarded-Proto and setting the following in the block with the proxy directive:

    keepalive_requests 0;
    keepalive_timeout 0s;

can you please try?

@paolafrancesca commented on GitHub: it should be solved with http upstream and `X-Forwarded-Proto` and setting the following in the block with the proxy directive: ``` keepalive_requests 0; keepalive_timeout 0s; ``` can you please try?

michael commented

2026-01-19 18:29:27 +00:00

@srinisubramanian commented on GitHub:

Ok. So you are suggesting I just turn on https? Will do and check.

@srinisubramanian commented on GitHub: Ok. So you are suggesting I just turn on https? Will do and check.

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

damn, I tested only once, it worked, now not anymore
can you ask in the nginx mailing list?

@paolafrancesca commented on GitHub: damn, I tested only once, it worked, now not anymore can you ask in the nginx mailing list?

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

thanks

@paolafrancesca commented on GitHub: thanks

michael commented

2026-01-19 18:29:27 +00:00

@srinisubramanian commented on GitHub:

Here’s what I did for now.

Switched off auth in transfer.sh
Enabled http basic auth in nginx for the transfersh site except for GET
This allows site to load without auth, download to happen without auth and upload prompts for password immediately

I can live with this for now :)

@srinisubramanian commented on GitHub: Here’s what I did for now. - Switched off auth in transfer.sh - Enabled http basic auth in nginx for the transfersh site except for GET - This allows site to load without auth, download to happen without auth and upload prompts for password immediately I can live with this for now :)

michael commented

2026-01-19 18:29:27 +00:00

@srinisubramanian commented on GitHub:

Will do

@srinisubramanian commented on GitHub: Will do

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

just to know, did you ask in the nginx mailing list?
otherwise I will do

@paolafrancesca commented on GitHub: just to know, did you ask in the nginx mailing list? otherwise I will do

michael commented

2026-01-19 18:29:27 +00:00

@srinisubramanian commented on GitHub:

I will ask tomorrow. If you want to go ahead

@srinisubramanian commented on GitHub: I will ask tomorrow. If you want to go ahead

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

@srinisubramanian I found the solution:
proxy_request_buffering off;

available from nginx 1.7.11: https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_request_buffering

@paolafrancesca commented on GitHub: @srinisubramanian I found the solution: `proxy_request_buffering off;` available from nginx 1.7.11: https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_request_buffering

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

@srinisubramanian just subscribed to the mailing list and waiting for confirmation email as well

https://forum.nginx.org may be an alternative if you want to try (https://forum.nginx.org/read.php?2,255)

@paolafrancesca commented on GitHub: @srinisubramanian just subscribed to the mailing list and waiting for confirmation email as well https://forum.nginx.org may be an alternative if you want to try (https://forum.nginx.org/read.php?2,255)

michael commented

2026-01-19 18:29:27 +00:00

@paolafrancesca commented on GitHub:

oki thanks

@paolafrancesca commented on GitHub: oki thanks

michael commented

2026-01-19 18:29:27 +00:00

@srinisubramanian commented on GitHub:

Having trouble getting on to that mailing list. Confirmation mail never reaches, tried a couple.

@aspacca can you please post?

@srinisubramanian commented on GitHub: Having trouble getting on to that mailing list. Confirmation mail never reaches, tried a couple. @aspacca can you please post?

michael commented

2026-01-19 18:29:27 +00:00

@srinisubramanian commented on GitHub:

@aspacca This works, thanks. Also the behavior is such that the user id/pwd is prompted right at the beginning which is good. Thanks for following up on this.

@srinisubramanian commented on GitHub: @aspacca This works, thanks. Also the behavior is such that the user id/pwd is prompted right at the beginning which is good. Thanks for following up on this.

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: dutchcoders/transfer.sh#213