How to fix Operation is blocked by access control?

ℹ️ Support
61

No, your issue is different than Kathir’s

62
63

I think this should help
remove location ~ /. {deny all;}

64

Same error on NC 21 and NC 22.
Some more info:

client.js:268 MOVE https://[my-NC-baseurl]/remote.php/dav/uploads/[my-user]/web-file-upload-72cf54e5c062404dff41f86bc36b53a2-1634028244014/.file 403 (Forbidden)

Headers:

  1. Request URL:

https://[xxxx]/remote.php/dav/uploads/[xxxx]/web-file-upload-72cf54e5c062404dff41f86bc36b53a2-1634028244014/.file

  1. Request Method:

MOVE

  1. Status Code:

403 Forbidden

  1. Remote Address:

xx.xx.xx.xx:443

  1. Referrer Policy:

no-referrer

  1. Response HeadersView source

  2. Cache-Control:

no-store, no-cache, must-revalidate

  1. Connection:

Keep-Alive

  1. Content-Length:

182

  1. Content-Security-Policy:

default-src ‘none’;

  1. Content-Type:

application/xml; charset=utf-8

  1. Date:

Tue, 12 Oct 2021 08:44:49 GMT

  1. Expires:

Thu, 19 Nov 1981 08:52:00 GMT

  1. Keep-Alive:

timeout=5, max=76

  1. Pragma:

no-cache

  1. Referrer-Policy:

no-referrer

  1. Server:

Apache/2.4.29 (Ubuntu)

  1. Strict-Transport-Security:

max-age=15552000; includeSubDomains

  1. X-Content-Type-Options:

nosniff

  1. X-Download-Options:

noopen

  1. X-Frame-Options:

SAMEORIGIN

  1. X-Permitted-Cross-Domain-Policies:

none

  1. X-Robots-Tag:

none

  1. X-XSS-Protection:

1; mode=block

  1. Request HeadersView source

  2. Accept:

3./*

  1. Accept-Encoding:

gzip, deflate, br

  1. Accept-Language:

en-GB,en-US;q=0.9,en;q=0.8,it;q=0.7

  1. Cache-Control:

no-cache

  1. Connection:

keep-alive

  1. Cookie:

oc_sessionPassphrase=wAT%2FfNp4uYA28c52wdCjUS5VUuZ1xAG1GlSEb6wSMxd%2BxjB0d38UiSQiFJ5O6yO79v%2F6pv8Qq7MNLqP2RBjl%2BhEUuTiXGEF5nkhDGQn0gxWmYPwlVZDzRGfgeKbmo%2FKa; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; nc_username=xxxxx; oc6ksl0mvjax=nsjmvq66n5bglko6ai8kaari52; nc_token=OcCvLvfqua9BKEl2iHBZv1CFPPbjk7yV; nc_session_id=nsjmvq66n5bglko6ai8kaari52

  1. Destination:

[my-destination]

  1. DNT:

1

  1. Host:

[xxx.xxx.xx]

  1. OC-Total-Length:

195592149

  1. Origin:

[xxxx]

  1. Pragma:

no-cache

  1. requesttoken:

0rHWB/+sV+PtpMwzdmvrRGbX9z9PXcCKIRNgNagE33g=:nYKEc5b+OqnVlJ1hOgWBLiuutGx9Evj7WX4jHpBrqDU=

  1. sec-ch-ua:

“Chromium”;v=“94”, “Google Chrome”;v=“94”, “;Not A Brand”;v=“99”

  1. sec-ch-ua-mobile:

?0

  1. sec-ch-ua-platform:

“Linux”

  1. Sec-Fetch-Dest:

empty

  1. Sec-Fetch-Mode:

cors

  1. Sec-Fetch-Site:

same-origin

  1. User-Agent:

Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

  1. X-OC-Mtime:

1633966464.258

  1. X-Requested-With:

XMLHttpRequest

PREVIEW/RESPONSE:

  1. <d:error xmlns:d=“DAV:” xmlns:s=“sabre/dav”>

  2. <s:exception>Sabre\DAV\Exception\Forbidden</s:exception>

  3. <s:message/>

  4. </d:error>

65

Is there anybody here?

66

Please tell me in which file it needs to be edited? Can you write the path to this file?

67

would you please open a new Thread for your request rather than reopening an old one? You can refer this thread in your new inquiry (it would be really helpful, I think)

And pls give all needed information.

BTW: welcome to the community of NC! Nice that you’re here