SUMMARY I have a self hosted webiste that redirects https://domain.tld/.well-known/matrix/client -> http://www.domain.tld/.well-known/matrix/client -> https://www.domain.tld/.well-known/matrix/client -> https://matrix.domain.tld/.well-client/matrix/client. May I ask why neochat requires https to be used throughout the entire chain even if the final url has https? curl -iL 'www.domain.tld/.well-known/matrix/client' HTTP/1.1 301 Moved Permanently Server: CloudFront Date: Tue, 02 Mar 2021 04:13:55 GMT Content-Type: text/html Content-Length: 183 Connection: keep-alive Location: https://www.domain.tld/.well-known/matrix/client X-Cache: Redirect from cloudfront Via: 1.1 d3f9b7e35643700c8f2c0d4716ce0574.cloudfront.net (CloudFront) X-Amz-Cf-Pop: LAX3-C4 X-Amz-Cf-Id: qbND_DjOc34c1opCxloPBqiR2jkMaHf5_ue8Qs1xHp9vlrj9lgCpw== HTTP/2 301 content-length: 0 location: http://matrix.domain.tld/.well-known/matrix/client date: Tue, 02 Mar 2021 04:10:07 GMT server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 12a5bcdb54ede5fbaec3241h3c798939.cloudfront.net (CloudFront) x-amz-cf-pop: LAX3-C4 x-amz-cf-id: 7aILZVPleHe6ApG7NwibhAv_wrmyFDxKnZDHI9rNSKPnPG2rR8TQ== age: 230 HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 02 Mar 2021 04:13:56 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://matrix.domain.tld/.well-known/matrix/client HTTP/2 200 server: nginx date: Tue, 02 Mar 2021 04:13:56 GMT content-type: application/json content-length: 632 last-modified: Sat, 28 Nov 2020 15:16:09 GMT etag: "5fc269b9-278" expires: Tue, 02 Mar 2021 08:13:56 GMT cache-control: max-age=14400 access-control-allow-origin: * accept-ranges: bytes { "m.homeserver": { "base_url": "https://matrix.domain.tld" } , "m.identity_server": { "base_url": "https://matrix.domain.tld" } , "m.integrations": { "managers": [ { "api_url": "https://dimension.domain.tld/api/v1/scalar", "ui_url": "https://dimension.domain.tld/element" } ] } , "io.element.jitsi": { "preferredDomain": "jitsi.domain.tld" }, "im.vector.riot.jitsi": { "preferredDomain": "jitsi.domain.tld" } , "io.element.e2ee": { "default": true, "secure_backup_required": false, "secure_backup_setup_methods": [] }, "im.vector.riot.e2ee": { "default": true } } STEPS TO REPRODUCE 1. 2. 3. neochat Both point size and pixel size set. Using pixel size. qrc:/qml/main.qml:254:5: QML Connections: Detected function "onRoomJoined" in Connections element. This is probably intended to be a signal handler but no signal of the target matches the name. Both point size and pixel size set. Using pixel size. qrc:/imports/NeoChat/Page/WelcomePage.qml:35:5: QML Connections: Implicitly defined onFoo properties in Connections are deprecated. Use this syntax instead: function onFoo(<arguments>) { ... } qrc:/imports/NeoChat/Panel/RoomDrawer.qml:64: TypeError: Cannot read property 'isFavourite' of null qrc:/imports/NeoChat/Panel/RoomDrawer.qml:67: TypeError: Cannot read property 'isFavourite' of null qrc:/imports/NeoChat/Panel/RoomDrawer.qml:62: TypeError: Cannot read property 'isFavourite' of null quotient.jobs: "GetWellknownJob" stopped with empty network reply quotient.jobs: Sent GET https://domain.t/.well-known/matrix/client quotient.jobs: "GetWellknownJob" stopped without ready network reply quotient.jobs: "GetWellknownJob" stopped with empty network reply quotient.jobs: Sent GET https://domain.tl/.well-known/matrix/client QHttpNetworkConnectionPrivate::_q_hostLookupFinished could not de-queue request, failed to report HostNotFoundError quotient.jobs: No valid HTTP headers from GET https://domain.tl/.well-known/matrix/client quotient.jobs: "GetWellknownJob" status NetworkError: Host domain.tl not found quotient.jobs: "GetWellknownJob": retry #1 in 5 s quotient.jobs: "GetWellknownJob" stopped with empty network reply quotient.jobs: Sent GET https://domain.tld/.well-known/matrix/client quotient.jobs: 302 <- GET http://www.domain.tld/.well-known/matrix/client quotient.jobs: "GetWellknownJob" status NetworkError: Insecure redirect quotient.jobs: "GetWellknownJob": retry #1 in 5 s quotient.jobs: Sent GET https://domain.tld/.well-known/matrix/client quotient.jobs: 302 <- GET http://www.domain.tld/.well-known/matrix/client quotient.jobs: "GetWellknownJob" status NetworkError: Insecure redirect quotient.jobs: "GetWellknownJob": retry #2 in 10 s quotient.jobs: Sent GET https://domain.tld/.well-known/matrix/client quotient.jobs: 302 <- GET http://www.domain.tld/.well-known/matrix/client quotient.jobs: "GetWellknownJob" status NetworkError: Insecure redirect EXPECTED RESULT Neochat should be able to follow http to https redirects unless upstream determined that https must be followed throughout the entire chain. I do not know the expected behavior and I have already reconfigured my website to avoid this issue. Official element desktop client does not have this issue. SOFTWARE/OS VERSIONS Windows: macOS: Linux/KDE Plasma: Manjaro Arm/wayland (available in About System) KDE Plasma Version: 5.21.1 KDE Frameworks Version: 5.79.0 Qt Version: 5.12.2 Neochat Version: 1.1.1 ADDITIONAL INFORMATION
Here is the steps to reproduce STEPS TO REPRODUCE 1. Create a matrix instance that redirects between http and https 2. Create an account 3. Open neochat 4. Attempt to login with @username:domain.tld 5. Neochat throws errors
Not redirecting from a secure to an insecure connection is important for security reasons so the behavior you are describing is expected.
Well-Known is kinda a discovery url without any sensitive information. Ok, this behavior is expected, I will close this issue.