Signing certificate not included in document download

Hi. Should I file a bug report for this somewhere?

Hey. I've tried to reinstall a few times and I still get the same issue: the certificate page is not appended automatically to the signed document (the document is indeed digitally signed and the certificate can be downloaded separately from the audit page).

Is anyone experiencing the same issue? Is that a limitation from the self hosted version of the application?

As a reference, the screenshot below is taken from Documenso hosted version:

Thanks!

Hey. That's the pdfsig output I get:

❯ pdfsig 'etiquettes pays - Google Sheets_signed (1).pdf'
Digital Signature Info of: etiquettes pays - Google Sheets_signed (1).pdf
Signature #1:
  - Signer Certificate Common Name: Akvo
  - Signer full Distinguished Name: E=contact@akvo.org,CN=Akvo,O=Akvo Foundation,L=Amsterdam,ST=Holland,C=NL
  - Signing Time: Jan 07 2025 09:19:17
  - Signing Hash Algorithm: SHA-256
  - Signature Type: adbe.pkcs7.detached
  - Signed Ranges: [0 - 302706], [335480 - 336627]
  - Total document signed
  - Signature Validation: Signature is Valid.
  - Certificate Validation: Certificate issuer isn't Trusted.

Does it look correct?

@nebulon said in Signing certificate not included in document download:

Did you follow the instructions at https://docs.cloudron.io/apps/documenso/#signing-certificate ?

Yes I did. I am however able to download the certificate from the audit log page

@joseph Thanks for your message. Here is a screenshot of the signed document in the app. You can see that there is only one page.

Hey,

I can't seem to have the signing certificate downloaded with the signed document, although the option is checked in the Team settings.

My understanding is that this is the default option for personal accounts (vs Teams), but still not happening for me.

Did anyone encounter the same issue?

Thanks,

PS: I tried on the Documenso cloud and the signing certificate is indeed added by default to the signed PDF document.

@joseph That's exactly the problem apparently. I tried all the filter options that I could find but without success.

I ended up installing a plugin called Generico and go it to work. It allows you to define "macros" directly in TinyMCE WYSIWYG mode that are later replaced by HTML.

I created a macro that basically adds an iframe. The weird thing is that the HTML generated by that macro does not have the sandbox attribute in the iframe tag.

So this might be an issue with TinyMCE itself. I haven't found any settings there either that would seem to address this issue. So the thing remains a mystery (especially since iframe embeding works fine on the Moodle Cloud).

Hi @joseph,

Thanks for your message. I tried adding sandbox="allow-scripts" to the iframe tag but Moodle removes allow-scripts upon saving leaving the tag as sandbox="".

I can confirm that this seems to be the issue. Having the sandbox tag removes all error except the first one mentioning allow-scripts. If I manually add sandbox="allow-scripts" to the iframe using the dev tools and reload the iframe, the content appears as expected. So I suppose there's a setting in Moodle that cleans the iframe code.

I have tried enabling the following options:

• Allow EMBED and OBJECT tags
• Enable trusted content

But didn't make a difference.

Hey,

I am encountering an issue when trying to embed an iframe in a resource of type Page. I can see that the iframe loads (spinner is displayed), but sort of hangs. See below:

The error seems to be related to CORS and/or javascript.

Here's the source code of the iframe:

<iframe style="position: absolute; inset: 0;"
    src="https://www.guidejar.com/embed/3ea9f9ac-d51c-42d4-ad9e-3d8149c5c996?type=1&amp;controls=on"
    width="100%" height="100%" frameborder="0" sandbox=""
    allowfullscreen="allowfullscreen"></iframe>

I've tried the same iframe code in the Moodle Cloud (hosted version) and it works fine so I am thinking that this might be a config issue on my instance. I have not performed any modification to the cloudron app nor the setting inside Moodle.

Has anybody encountered a similar issue? Any help would be much appreciated.

Thanks!

Guillaume

Hi,

I am unable to login Penpot. Here are the steps:

1. Open Penpot url
2. Click the OpenID button
3. Log in my Cloudron instance
4. Click the Authorize button (url: https://my.xxxxxxxx.fr/openid/interaction/yyyyyyyyy)
5. Redirected to the Penpot login page at the following url: https://design.xxxxxxx.fr/#/auth/login?error=unable-to-auth&hint=inconmplete+user+info&type=internal&code=incomplete-user-info

Here are the logs:

Feb 21 14:45:27 172.18.0.1 - - [21/Feb/2024:13:45:27 +0000] "POST /api/auth/oauth/oidc?error=unable-to-auth&hint=inconmplete+user+info&type=internal&code=incomplete-user-info HTTP/1.1" 200 424 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
Feb 21 14:45:29 [2024-02-21 13:45:29.087] W app.auth.oidc - hint="received incomplete profile info object (please set correct scopes)", info={:backend "oidc", :fullname nil, :email nil, :props {:oidc/at_hash "sYyFsgLIJcKKOtx3f-8p1A"}}
Feb 21 14:45:29 172.18.0.1 - - [21/Feb/2024:13:45:29 +0000] "GET /api/auth/oauth/oidc/callback?code=iCaW4Z4x72AgsqvIvqQX2_NYw5WfGrLDpT4YDxp1p9m&state=eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.ZmQ9R7c2ed4CU5WLdN493vXQmTL05rv32cwkdB_qE8WnMckqbauUjw.1jfD7kBWBZiNyPHD.Zm-mSkpHQGaGtrNM48abnG2qlalRuXwjQyc5zGS1PA8A7hhFNSniwdfCgzbsa080GuqFDSlf3JJfcqIcLENKyP-KoCgMqa2ELIfD6KXDZFBt4oVJw13gMWjqWfvP.An4mLMCGe4Mfsdkt7i0iSg&iss=https%3A%2F%2Fmy.ouechbien.fr%2Fopenid HTTP/1.1" 302 0 "https://my.ouechbien.fr/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
Feb 21 14:45:29 [2024-02-21 13:45:29.094] W app.auth.oidc - hint="error on oauth process"
Feb 21 14:45:29 SUMMARY:
Feb 21 14:45:29 → clojure.lang.ExceptionInfo: inconmplete user info (oidc.clj:440)
Feb 21 14:45:29 DETAIL:
Feb 21 14:45:29 → clojure.lang.ExceptionInfo: inconmplete user info (oidc.clj:440)
Feb 21 14:45:29 at: app.auth.oidc$get_info.invokeStatic(oidc.clj:440)
Feb 21 14:45:29 app.auth.oidc$get_info.invoke(oidc.clj:416)
Feb 21 14:45:29 app.auth.oidc$callback_handler.invokeStatic(oidc.clj:566)
Feb 21 14:45:29 app.auth.oidc$callback_handler.invoke(oidc.clj:563)
Feb 21 14:45:29 app.auth.oidc$fn__29169$fn__29171$fn__29173.invoke(oidc.clj:580)
Feb 21 14:45:29 app.http.session$wrap_authz$fn__21738.invoke(session.clj:226)
Feb 21 14:45:29 clojure.core$partial$fn__5908.invoke(core.clj:2640)
Feb 21 14:45:29 promesa.util.Supplier.get(util.cljc:34)
Feb 21 14:45:29 java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1768)
Feb 21 14:45:29 java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
Feb 21 14:45:29 java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
Feb 21 14:45:29 java.lang.Thread.run(Thread.java:1589)
Feb 21 14:45:29 dt: {:type :internal,
Feb 21 14:45:29 :code :incomplete-user-info,
Feb 21 14:45:29 :hint "inconmplete user info",
Feb 21 14:45:29 :info {:backend "oidc", :fullname nil, :email nil, :props {:oidc/at_hash "sYyFsgLIJcKKOtx3f-8p1A"}}}
Feb 21 14:45:29

Any idea what's going on?

Thanks,

Hi @girish. The package available for install still seems to be 1.3.1, i.e. emails are not delivered. Any idea when v1.4.0 will be made available? Thanks!

Hi,

Would love to see Hugo as part of the App Store!

Thanks!

@mehdi Thanks! I'll look into it.

@girish Thanks for the note. Keep us posted on how the investigation goes. It would surely be super useful!

Cheers,

Hi,

I was hoping to use the Surfer app to copy files between data directories of several applications. The use case I am trying to set up is as follows:

• Use Simple torrent to download video files
• Create symlinks from the Surfer data directory to the data directory of Simple Torrent and Jellyfin
• Connect to Surfer to move video files between the Download directory of Simple Torrent to the movie library directory of Jellyfin.

After creating the symlinks, Surfer stops displaying the list of files in its data directory. If I remove them, the other files reappear in Surfer.

Does Surfer support symbolic links? Or is this issue related to some containerization? Or something else?

Any help appreciated!

Thanks,

Guillaume