Fix 403 forbidden

I am trying to use ViewerJS to view PDF documents in the browser. This used to work on Apache.

This link now gives a 403: <a href="ViewerJS/#../file.pdf">view pdf</a>

Caddy file: {
root /var/www

You will have to explain yourself a little better. The link you provided isn’t, the caddy file means nothing (that relates to your arguable problem). Come again?

I have /var/www/ViewerJS/ (the whole directory of viewrjs stuff)
I have /var/www/file.pdf
On Apache, this worked, on Caddy it gives a 403.

How can I use ViewerJS with Caddy to allow viewing pdf documents in the browser?

Could you post your apache site configuration (the virtualhost file for the domain you are referring)? Having a working link to your site would also help.

It seems to me ViewerJS is straight forward JS, so it will work anywhere.

1 Like

Could be Caddy doesn’t have correct permissions. What user is Apache and what user is Caddy running as?

The site config for Apache would indeed be very helpful in determining what needs to be configured for Caddy to work the same.

I’ve been running Caddy for months now. I no longer have the file you’re asking for, but there was no special configuration at all. It just worked.
Here is the link to the page I was looking at:

Apache is long gone. Caddy is running as root (I suppose…?) through systemd. But the rest of the site seems to work, it’s just viewing pdfs online through ViewerJS.

Regardless of my site, how would you generally get ViewerJS to work under Caddy?

Would it be an idea to do it through the js directive (and thus have the whole process shielded more from public scrutiny)??

You can check the unit file with systemctl cat caddy.service. It will likely specify the user and group.

Going off the docs at ViewerJS Instructions for installing ViewerJS, you’re linking to /ViewerJS/index.html with an anchor link that directs it to your PDF file. Pretty straightforward, I see no reason it wouldn’t work in Caddy.

A few points:

  1. Double, triple check your file permissions. Caddy must be able to access the files to serve them.
  2. Load up and make sure the PDF is where you think it is (and accessible).
  3. Your example <a href="ViewerJS/#../file.pdf">view pdf</a> is a relative link. If you’re at, and click that link, it will try to load /foo/ViewerJS/, which may not be correct, and pull the PDF from /foo/file.pdf, which may not exist.

Thanks for your persistence Matthew.
Caddy runs as www-data:www-data
I’ll focus on the topmost file on Artikelen
Permissions are -rw-rw-r–
Downloading the same file (the other top link) works fine.
So I though perhaps execute permissions were somehow necessary, but no, that doesn’t fix it.
The link actually opens here in Firefox’s builtin pdf viewer.

Do I need to give explicit permission for the ViewerJS directory to be accessible?? Are subdirectories forbidden by default? How do I incorporate that in my Caddyfile?

Found it: I was checking the permissions on the ViewerJS directory, and found that it is a symlink to a directory outside of webroot. I guess Apache is fine with that, but Caddy isn’t. When I copied the directory over, it started working.

There might be a more elegant solution, but I’m only wasting 2.2M space…

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.