starred/audiobookshelf
1
0
Fork 0
mirror of https://github.com/advplyr/audiobookshelf.git synced 2026-05-30 23:40:40 +02:00
Code Issues 1.0k Packages Projects Releases 10 Wiki Activity

[Bug]: fileUtils: Failed to download failed "blocked" #1541

New Issue
Closed
opened 2026-04-24 23:49:23 +02:00 by adam · 7 comments
adam commented 2026-04-24 23:49:23 +02:00
Owner
Copy Link
Copy Source

Originally created by @JAKAMI99 on GitHub (Nov 20, 2023).

Describe the issue

Weirdly, I can't download .ogg files. Manual download from the docker shell works.
The XML file gets parsed and everything seems perfect.
Somehow, the download results in this error:

[2023-11-20 23:53:03] ERROR: [fileUtils] Failed to download file "/podcast/Hobbylos/Sturm der Glieder 🌪️.ogg" Error: Call to 10.0.0.68 is blocked.
    at Agent.agent.createConnection (/node_modules/ssrf-req-filter/lib/index.js:31:13)
    at Agent.createSocket (node:_http_agent:347:26)
    at Agent.addRequest (node:_http_agent:294:10)
    at new ClientRequest (node:_http_client:335:16)
    at Object.request (node:http:97:10)
    at RedirectableRequest._performRequest (/node_modules/follow-redirects/index.js:284:24)
    at new RedirectableRequest (/node_modules/follow-redirects/index.js:66:8)
    at Object.request (/node_modules/follow-redirects/index.js:523:14)
    at dispatchHttpRequest (/node_modules/axios/lib/adapters/http.js:262:25)
    at new Promise (<anonymous>) (fileUtils.js:263)
[2023-11-20 23:53:03] ERROR: [PodcastManager] Podcast Episode download failed Error: Call to 10.0.0.68 is blocked.
    at Agent.agent.createConnection (/node_modules/ssrf-req-filter/lib/index.js:31:13)
    at Agent.createSocket (node:_http_agent:347:26)
    at Agent.addRequest (node:_http_agent:294:10)
    at new ClientRequest (node:_http_client:335:16)
    at Object.request (node:http:97:10)
    at RedirectableRequest._performRequest (/node_modules/follow-redirects/index.js:284:24)
    at new RedirectableRequest (/node_modules/follow-redirects/index.js:66:8)
    at Object.request (/node_modules/follow-redirects/index.js:523:14)
    at dispatchHttpRequest (/node_modules/axios/lib/adapters/http.js:262:25)
    at new Promise (<anonymous>) (PodcastManager.js:108)

Steps to reproduce the issue

  1. Add RSS Feed of local "spodcast" installation
  2. scan for new podcasts (successful)
  3. try to download one or more podcasts
  4. none of the podcasts will download, logs full of errors (one shown block per episode)

Audiobookshelf version

v2.5.0

How are you running audiobookshelf?

Docker

Originally created by @JAKAMI99 on GitHub (Nov 20, 2023). ### Describe the issue Weirdly, I can't download .ogg files. Manual download from the docker shell works. The XML file gets parsed and everything seems perfect. Somehow, the download results in this error: ``` [2023-11-20 23:53:03] ERROR: [fileUtils] Failed to download file "/podcast/Hobbylos/Sturm der Glieder 🌪️.ogg" Error: Call to 10.0.0.68 is blocked. at Agent.agent.createConnection (/node_modules/ssrf-req-filter/lib/index.js:31:13) at Agent.createSocket (node:_http_agent:347:26) at Agent.addRequest (node:_http_agent:294:10) at new ClientRequest (node:_http_client:335:16) at Object.request (node:http:97:10) at RedirectableRequest._performRequest (/node_modules/follow-redirects/index.js:284:24) at new RedirectableRequest (/node_modules/follow-redirects/index.js:66:8) at Object.request (/node_modules/follow-redirects/index.js:523:14) at dispatchHttpRequest (/node_modules/axios/lib/adapters/http.js:262:25) at new Promise (<anonymous>) (fileUtils.js:263) [2023-11-20 23:53:03] ERROR: [PodcastManager] Podcast Episode download failed Error: Call to 10.0.0.68 is blocked. at Agent.agent.createConnection (/node_modules/ssrf-req-filter/lib/index.js:31:13) at Agent.createSocket (node:_http_agent:347:26) at Agent.addRequest (node:_http_agent:294:10) at new ClientRequest (node:_http_client:335:16) at Object.request (node:http:97:10) at RedirectableRequest._performRequest (/node_modules/follow-redirects/index.js:284:24) at new RedirectableRequest (/node_modules/follow-redirects/index.js:66:8) at Object.request (/node_modules/follow-redirects/index.js:523:14) at dispatchHttpRequest (/node_modules/axios/lib/adapters/http.js:262:25) at new Promise (<anonymous>) (PodcastManager.js:108) ``` ### Steps to reproduce the issue 1. Add RSS Feed of local "spodcast" installation 2. scan for new podcasts (successful) 3. try to download one or more podcasts 4. none of the podcasts will download, logs full of errors (one shown block per episode) ### Audiobookshelf version v2.5.0 ### How are you running audiobookshelf? Docker
adam added the bug label 2026-04-24 23:49:23 +02:00
adam closed this issue 2026-04-24 23:49:25 +02:00
adam commented 2026-04-24 23:49:26 +02:00
Author
Owner
Copy Link
Copy Source

@JAKAMI99 commented on GitHub (Nov 21, 2023):

Crosschecked with the android app "Podcast Addict". Adding and downloading podcasts works flawless there.
Also checked server accessibility docker exec -it audiobookshelf sh and then wget something from the XML, audiobookshelf has.

@JAKAMI99 commented on GitHub (Nov 21, 2023): Crosschecked with the android app "Podcast Addict". Adding and downloading podcasts works flawless there. Also checked server accessibility `docker exec -it audiobookshelf sh` and then `wget` something from the XML, audiobookshelf has.
adam commented 2026-04-24 23:49:27 +02:00
Author
Owner
Copy Link
Copy Source

@JAKAMI99 commented on GitHub (Nov 21, 2023):

I tried to bypass this issue by trying "Podgrab" as a "Relay".
Podgrab perfectly detects the original source, plays an downloads them.
Setting "podgrab" as a source for podcasts in audiobookshelf works, episodes are detected, but download throws the same error

[fileUtils] Failed to download file "/podcast/....." Error: Call to 10.0.0.250 is blocked.

@JAKAMI99 commented on GitHub (Nov 21, 2023): I tried to bypass this issue by trying "Podgrab" as a "Relay". Podgrab perfectly detects the original source, plays an downloads them. Setting "podgrab" as a source for podcasts in audiobookshelf works, episodes are detected, but download throws the same error `[fileUtils] Failed to download file "/podcast/....." Error: Call to 10.0.0.250 is blocked.`
adam commented 2026-04-24 23:49:27 +02:00
Author
Owner
Copy Link
Copy Source

@advplyr commented on GitHub (Nov 21, 2023):

SSRF request filter was implemented in v2.5.0 that will block requests from internal IP addresses. The reason it was added is a vulnerability report https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-mgj7-rfx8-vhpr
You could host that RSS feed on https and it would work

@advplyr commented on GitHub (Nov 21, 2023): SSRF request filter was implemented in v2.5.0 that will block requests from internal IP addresses. The reason it was added is a vulnerability report https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-mgj7-rfx8-vhpr You could host that RSS feed on https and it would work
adam commented 2026-04-24 23:49:28 +02:00
Author
Owner
Copy Link
Copy Source

@JAKAMI99 commented on GitHub (Nov 21, 2023):

SSRF request filter was implemented in v2.5.0 that will block requests from internal IP addresses. The reason it was added is a vulnerability report GHSA-mgj7-rfx8-vhpr You could host that RSS feed on https and it would work

Oh, okay. That's why I couldn't get to work.
Thanks for the quick reaction!

Sadly, audiobookshelf doesn't seem to be supporting "HTTP Basic Auth". This way I would be able to serve from a non interal IP. Guess I will have to force spodcast to serve with SSL.

Thanks!

@JAKAMI99 commented on GitHub (Nov 21, 2023): > SSRF request filter was implemented in v2.5.0 that will block requests from internal IP addresses. The reason it was added is a vulnerability report [GHSA-mgj7-rfx8-vhpr](https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-mgj7-rfx8-vhpr) You could host that RSS feed on https and it would work Oh, okay. That's why I couldn't get to work. Thanks for the quick reaction! Sadly, audiobookshelf doesn't seem to be supporting "HTTP Basic Auth". This way I would be able to serve from a non interal IP. Guess I will have to force spodcast to serve with SSL. Thanks!
adam commented 2026-04-24 23:49:29 +02:00
Author
Owner
Copy Link
Copy Source

@JAKAMI99 commented on GitHub (Nov 21, 2023):

[2023-11-21 02:49:30] INFO: [LibraryItem] Library item "3cbe27de-1386-4d68-86dd-12b475003449" updated
[2023-11-21 02:49:32] ERROR: [podcastUtils] getPodcastFeed Error AxiosError: self signed certificate
    at TLSSocket.onConnectSecure (node:_tls_wrap:1539:34)
    at TLSSocket.emit (node:events:513:28)
    at TLSSocket._finishInit (node:_tls_wrap:953:8)
    at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:734:12) {
  code: 'DEPTH_ZERO_SELF_SIGNED_CERT',
  config: {
    transitional: {
      silentJSONParsing: true,
      forcedJSONParsing: true,
      clarifyTimeoutError: false
@JAKAMI99 commented on GitHub (Nov 21, 2023): ``` [2023-11-21 02:49:30] INFO: [LibraryItem] Library item "3cbe27de-1386-4d68-86dd-12b475003449" updated [2023-11-21 02:49:32] ERROR: [podcastUtils] getPodcastFeed Error AxiosError: self signed certificate at TLSSocket.onConnectSecure (node:_tls_wrap:1539:34) at TLSSocket.emit (node:events:513:28) at TLSSocket._finishInit (node:_tls_wrap:953:8) at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:734:12) { code: 'DEPTH_ZERO_SELF_SIGNED_CERT', config: { transitional: { silentJSONParsing: true, forcedJSONParsing: true, clarifyTimeoutError: false ```
adam commented 2026-04-24 23:49:30 +02:00
Author
Owner
Copy Link
Copy Source

@JAKAMI99 commented on GitHub (Nov 21, 2023):

Okay, I fixed this for me in a hilarious way, but hey, it works! :D

I made an internal DNS Static DNS Entry that points to my own IP.
And I made an entry in my NginxReverseProxy to proxy the request back into the local network.
This way, audiobookshelf doesn't notice, that it is talking to a local IP.

Still a really uncomfortable way of solving something simple. But yey, know I can add spotify podcasts to my local audiobookshelf installation again c:

Accepting self-signed certificates for downloads would be the true fix for me.

@JAKAMI99 commented on GitHub (Nov 21, 2023): Okay, I fixed this for me in a hilarious way, but hey, it works! :D I made an internal DNS Static DNS Entry that points to my own IP. And I made an entry in my NginxReverseProxy to proxy the request back into the local network. This way, audiobookshelf doesn't notice, that it is talking to a local IP. Still a really uncomfortable way of solving something simple. But yey, know I can add spotify podcasts to my local audiobookshelf installation again c: **Accepting self-signed certificates for downloads would be the true fix for me.**
adam commented 2026-04-24 23:49:31 +02:00
Author
Owner
Copy Link
Copy Source

@advplyr commented on GitHub (Nov 27, 2023):

Thanks, I'll close this out since it isn't a bug but maybe someone can craft up a solution in the future

@advplyr commented on GitHub (Nov 27, 2023): Thanks, I'll close this out since it isn't a bug but maybe someone can craft up a solution in the future
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
authentication
backlog
bug
chapter editor
config-issue
ebooks
encoding/embedding
enhancement
help wanted
listening sessions & progress
planned
possible plugin
progress sync
pull-request
Mirrored from GitHub Pull Request
 sorting/filtering/searching
unable to reproduce
upload
users & permissions
waiting
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam (Adam Melkus)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/audiobookshelf#1541
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?