Content of wiki page fail to load

Summary

Hello,

we're running our gitlab on-premise instance behind a reverse proxy, not allowing encoded slashes as part of an URI.

This results into this error message, when we try to open a wiki sub-page.

The content for this wiki page failed to load. To fix this error, reload the page.

While we investigated this, we found, that there is only one place inside the wiki page sourcecode, where this encoded URI is mentioned.

<div class="js-async-wiki-page-content md gl-pt-2" data-get-wiki-content-url="/api/v4/projects/9/wikis/home%2FFoo-Bar?version=b01cfd4bbc579ce51d5d294503753b019b292e92" data-testid="wiki-page-content" data-tracking-context="{&quot;wiki-format&quot;:&quot;markdown&quot;,&quot;wiki-title-size&quot;:7,&quot;wiki-content-size&quot;:0,&quot;wiki-directory-nest-level&quot;:1,&quot;wiki-container-type&quot;:&quot;Project&quot;}"></div>

The relevant part seems to be data-get-wiki-content-url="/api/v4/projects/9/wikis/home%2FFoo-Bar?version=, while all other occurences of the given URI are written like

<a data-testid="wiki-page-link" data-qa-page-name="Foo Bar" href="sven.froehlich/my-awesome-project/-/wikis/home/Foo-Bar (view-source:https://gitlab.com/sven.froehlich/my-awesome-project/-/wikis/home/Foo-Bar)">

Debugging the network access of the pages load shows a HTTP 404 Error: grafik

Opening the wiki page without our reverse proxy, from inside our internal network, does not give an error.

We already found the mentioned Gitlab Solution at https://github.com/go-gitea/gitea/issues/7471, but because our reverse proxy is implemented as an hardware appliance, we are unable to change the mentioned configuration.

For us this seems to be a Bug inside of gitlab / gollum wiki, because there is only this single point of access with an encoded slash inside the wiki code. All other places do work as expected, while the slash is'nt encoded.

This problem exists not only to project wikis, but also on group wikis. So it seems to be a general URI handling issue inside the wiki related code.

Steps to reproduce

  1. Create a Wiki home page
  2. Create a subpage under home/Foo-Bar
  3. Access the subpage and view the sourcecode of the page and search for data-testid="wiki-page-link"
  4. Access the subpage via a reverse proxy, not allowing encoded slashes in URI (e.g. Apache Option AllowEncodedSlashes)

Example Project

https://gitlab.com/sven.froehlich/my-awesome-project/-/wikis/home/Foo-Bar

What is the current bug behavior?

The wiki pages content can not be loaded (404 Not Found)

What is the expected correct behavior?

The content of wiki sub-pages is shown.

Relevant logs and/or screenshots

Output of checks

Results of GitLab environment info

Expand for output related to GitLab environment info 
System information
System:
Proxy:          no
Current User:   git
Using RVM:      no
Ruby Version:   3.1.5p253
Gem Version:    3.5.9
Bundler Version:2.5.9
Rake Version:   13.0.6
Redis Version:  7.0.15
Sidekiq Version:7.1.6
Go Version:     unknown

GitLab information
Version:        17.0.2-ee
Revision:       23b707e976d
Directory:      /opt/gitlab/embedded/service/gitlab-rails
DB Adapter:     PostgreSQL
DB Version:     14.11
URL:            https://[RADACTED]
HTTP Clone URL: https://[RADACTED]/some-group/some-project.git
SSH Clone URL:  git@[RADACTED]:some-group/some-project.git
Elasticsearch:  yes
Geo:            no
Using LDAP:     no
Using Omniauth: yes
Omniauth Providers: openid_connect

GitLab Shell
Version:        14.35.0
Repository storages:
- default:      unix:/var/opt/gitlab/gitaly/gitaly.socket
GitLab Shell path:              /opt/gitlab/embedded/service/gitlab-shell

Gitaly
- default Address:      unix:/var/opt/gitlab/gitaly/gitaly.socket
- default Version:      17.0.2
- default Git Version:  2.44.2.gl1

Results of GitLab application Check

Expand for output related to the GitLab application check 
Checking GitLab subtasks ...


Checking GitLab Shell ...


GitLab Shell: ... GitLab Shell version >= 14.35.0 ? ... OK (14.35.0)
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Internal API available: OK
Redis available via internal API: OK
gitlab-shell self-check successful


Checking GitLab Shell ... Finished


Checking Gitaly ...


Gitaly: ... default ... OK


Checking Gitaly ... Finished


Checking Sidekiq ...


Sidekiq: ... Running? ... yes
Number of Sidekiq processes (cluster/worker) ... 1/1


Checking Sidekiq ... Finished


Checking Incoming Email ...


Incoming Email: ... Reply by email is disabled in config/gitlab.yml


Checking Incoming Email ... Finished


Checking LDAP ...


LDAP: ... LDAP is disabled in config/gitlab.yml


Checking LDAP ... Finished


Checking GitLab App ...


Database config exists? ... yes
Tables are truncated? ... skipped
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Cable config exists? ... yes
Resque config exists? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... yes
Systemd unit files or init script exist? ... skipped (omnibus-gitlab has neither init script nor systemd units)
Systemd unit files or init script up-to-date? ... skipped (omnibus-gitlab has neither init script nor systemd units)
Projects have namespace: ...
9/1 ... yes
9/2 ... yes
9/3 ... yes
9/4 ... yes
9/5 ... yes
4/6 ... yes
510/7 ... yes
5/8 ... yes
4/9 ... yes
2/13 ... yes
2/14 ... yes
2/16 ... yes
2/17 ... yes
2/18 ... yes
2/19 ... yes
2/20 ... yes
6/21 ... yes
9/22 ... yes
9/23 ... yes
56/24 ... yes
58/25 ... yes
77/26 ... yes
67/27 ... yes
205/28 ... yes
111/31 ... yes
107/37 ... yes
54/38 ... yes
54/39 ... yes
54/40 ... yes
54/41 ... yes
54/42 ... yes
110/43 ... yes
62/44 ... yes
62/45 ... yes
62/46 ... yes
111/47 ... yes
111/48 ... yes
123/52 ... yes
125/53 ... yes
111/54 ... yes
107/55 ... yes
111/56 ... yes
73/57 ... yes
111/59 ... yes
84/60 ... yes
68/61 ... yes
68/62 ... yes
175/70 ... yes
111/72 ... yes
111/84 ... yes
65/85 ... yes
111/86 ... yes
111/87 ... yes
107/88 ... yes
111/89 ... yes
111/90 ... yes
111/91 ... yes
111/93 ... yes
248/94 ... yes
248/95 ... yes
249/96 ... yes
249/97 ... yes
56/98 ... yes
56/99 ... yes
56/100 ... yes
56/101 ... yes
56/102 ... yes
107/103 ... yes
107/104 ... yes
111/105 ... yes
107/106 ... yes
226/107 ... yes
72/108 ... yes
405/109 ... yes
405/110 ... yes
405/111 ... yes
405/112 ... yes
390/113 ... yes
61/115 ... yes
205/116 ... yes
111/117 ... yes
95/118 ... yes
205/119 ... yes
95/120 ... yes
75/121 ... yes
83/122 ... yes
123/123 ... yes
256/125 ... yes
256/126 ... yes
256/127 ... yes
256/128 ... yes
256/129 ... yes
262/131 ... yes
262/132 ... yes
262/133 ... yes
262/134 ... yes
269/135 ... yes
269/136 ... yes
269/137 ... yes
273/138 ... yes
273/139 ... yes
273/140 ... yes
273/141 ... yes
273/142 ... yes
279/143 ... yes
279/144 ... yes
279/145 ... yes
279/146 ... yes
279/147 ... yes
279/148 ... yes
123/159 ... yes
135/162 ... yes
111/168 ... yes
135/169 ... yes
135/170 ... yes
135/171 ... yes
135/172 ... yes
135/173 ... yes
135/174 ... yes
135/175 ... yes
183/176 ... yes
135/177 ... yes
72/178 ... yes
72/179 ... yes
332/181 ... yes
70/182 ... yes
205/183 ... yes
262/184 ... yes
111/187 ... yes
342/188 ... yes
342/189 ... yes
9/190 ... yes
4/191 ... yes
360/195 ... yes
354/196 ... yes
358/197 ... yes
362/198 ... yes
358/200 ... yes
360/201 ... yes
362/202 ... yes
362/203 ... yes
362/204 ... yes
390/205 ... yes
350/206 ... yes
349/207 ... yes
349/208 ... yes
354/210 ... yes
111/211 ... yes
408/212 ... yes
111/213 ... yes
349/214 ... yes
408/215 ... yes
9/216 ... yes
9/217 ... yes
432/218 ... yes
91/219 ... yes
91/220 ... yes
70/221 ... yes
434/223 ... yes
434/224 ... yes
434/225 ... yes
434/226 ... yes
390/227 ... yes
342/228 ... yes
405/229 ... yes
408/230 ... yes
408/231 ... yes
408/232 ... yes
408/233 ... yes
91/234 ... yes
408/235 ... yes
471/236 ... yes
471/237 ... yes
471/238 ... yes
471/239 ... yes
469/240 ... yes
469/241 ... yes
469/242 ... yes
469/243 ... yes
469/244 ... yes
469/245 ... yes
469/246 ... yes
469/247 ... yes
469/248 ... yes
469/249 ... yes
469/250 ... yes
469/251 ... yes
502/252 ... yes
502/253 ... yes
349/254 ... yes
408/255 ... yes
510/256 ... yes
471/257 ... yes
512/258 ... yes
512/259 ... yes
512/260 ... yes
512/261 ... yes
123/263 ... yes
8/264 ... yes
529/265 ... yes
529/266 ... yes
529/267 ... yes
530/268 ... yes
530/269 ... yes
530/270 ... yes
155/271 ... yes
155/272 ... yes
155/273 ... yes
405/274 ... yes
70/275 ... yes
405/276 ... yes
434/277 ... yes
510/280 ... yes
404/281 ... yes
135/282 ... yes
54/283 ... yes
555/284 ... yes
155/285 ... yes
408/286 ... yes
408/287 ... yes
408/288 ... yes
111/289 ... yes
Redis version >= 6.2.14? ... yes
Ruby version >= 3.0.6 ? ... yes (3.1.5)
Git user has default SSH configuration? ... yes
Active users: ... 117
Is authorized keys file accessible? ... yes
GitLab configured to store new projects in hashed storage? ... yes
All projects are in hashed storage? ... yes
Elasticsearch version 7.x-8.x or OpenSearch version 1.x ... yes (elasticsearch 8.14.1)
All migrations must be finished before doing a major upgrade ... yes


Checking GitLab App ... Finished


Checking GitLab subtasks ... Finished

Possible fixes