Skip to content

[Bug]: OpenMetrics endpoint do not have to be a trusted_domain #58614

@wrenix

Description

@wrenix

⚠️ This issue respects the following points: ⚠️

Bug description

Metrics Endpoint should not be evaluted to be in trusted_domains (metrics are scraped internal and the nextcloud could have changing ip address -> changing trusted_domains).

Steps to reproduce

  1. setup nextcloud (behind-nginx)
  2. setup openmetrics_allowed_clients
  3. query /metrics

respone: HTTP/1.1 400 Bad Request

Expected behavior

response metrics

Nextcloud Server version

33

Operating system

None

PHP engine version

None

Web server

None

Database engine version

None

Is this bug present after an update or on a fresh install?

None

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

  • Default user-backend (database)
  • LDAP/ Active Directory
  • SSO - SAML
  • Other

Configuration report

List of activated Apps

Nextcloud Signing status

Nextcloud Logs

{"reqId":"ZZw8YpYRIhxl2Frsp2xR","level":1,"time":"2026-02-27T15:13:25+00:00","remoteAddr":"10.42.0.188","user":"--","app":"core","method":"GET","url":"/metrics","scriptName":"/index.php","message":"Trusted domain error. \"10.42.0.188\" tried to access using \"10.42.0.150\" as host.","userAgent":"Wget","version":"33.0.0.16","data":{"app":"core"}}

Additional info

Config contains:

  ["openmetrics_allowed_clients"]=>
  array(1) {
    [0]=>
    string(12) "10.42.0.0/15"
  }
    <?php
    $CONFIG = array (
      'allow_local_remote_servers' => true,
      'trusted_proxies' => array(
        0 => '127.0.0.1',
        1 => '10.0.0.0/8',
      ),
      'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),
    );

Metadata

Metadata

Assignees

No one assigned

    Type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions