Mobile (android) clients not loading images

Community Support
1

Description

Recently the mobile app has stopped loading images for most of my users. My own app (my user is admin, theirs is not), seemed to work ok, so I didn’t realize the problem at all in the beginning. I think it’s being going on for about a week. With any user, the images work fine in a browser (even android browser on the same phone) just not in the app. Cache resets, reinstalls or relogins do not seem to help.

I see nothing at all in the rocket server logs about the image loading attempt, but my proxy access logs show that a successful attempt to a file looks pretty much like a failed one, though the access logs doesn’t show the headers.
Here’s a successful request:
“GET /file-upload/67dfc9520e580db2ce33c3a8/1000000526.jpg HTTP/2.0” 200 7483209 “-” “okhttp/4.9.2”
And here’s a failed one on the same file
“GET /file-upload/67dfc9520e580db2ce33c3a8/1000000526.jpg HTTP/2.0” 403 0 “-” “okhttp/4.9.2”

If I disable the option in Settings->File Upload->Protect uploaded files, the apps start showing the images fine again. Obviously I don’t want to do that as a long-term solution. The 403 (forbidden) and that setting seem to both indicate that the mobile client isn’t authorized to download the images for some reason. Since the same user is authorized to do that in a browser, perhaps the mobile client isn’t sending the cookies as it should or something?

Any tips on where to go from here debugging this? Anyone else having the same issue?

Server Setup Information

  • Version of Rocket.Chat Server: 7.4.1
  • Operating System: Debian
  • Deployment Method: docker (official image)
  • Number of Running Instances: 1
  • DB Replicaset Oplog: oplog Enabled
  • NodeJS Version: v22.13.1
  • MongoDB Version: 7.0.17 / wiredTiger
  • Proxy: nginx
  • Firewalls involved: Server firewalld + router NAT. As the request comes through and gets 403, that’s not likely the issue.

Any additional Information

I found some other topics with similar behavior caused by image downloads being opened in system browser (which is not logged in), so I also tried enabling the mobile option for setting default browser as “in-app”, but that changed nothing. I also tried the rocket.chat experimental app from play store, but that behaved exactly the same.