Dokumente erstellen / runterladen führt zu HTTP403

Hi,

Ich versuche gerade mal einen Bestellablauf in Shopware 6.4.1.1 (Ngnix php-fpm) durchzulaufen.

Das klappt auch alles gut, bis auf das erstellen von Dokumenten.
Wenn ich einen neuen Lieferschein erstellen will und auf „Vorschau“ klicke, bekomme ich in der symphonie console nur einen 403 error angezeigt.
Anscheinend wird ihm der Authorsation header nicht mitgegeben.
Das selbe passiert wenn ich den Schein erstelle, und dann die PDF runterladen will.

GET http://shop.mydomain.local/api/_action/order/03b1bc360cfa4d70aaac5fab3d7a4815/1KfDe-PIgtOJ3MvDPkmtPM9KTm6qRg8F/document/invoice/preview?config={%22custom%22:{%22invoiceNumber%22:%221000%22},%22documentNumber%22:%221000%22,%22documentComment%22:%22%22,%22documentDate%22:%222021-06-22T08:18:35.825Z%22}

{
  "errors": [
    {
      "code": "9",
      "status": "401",
      "title": "The resource owner or authorization server denied the request.",
      "detail": "Missing \u0022Authorization\u0022 header",
      "meta": {
        "trace": [
          {
            "file": "/var/www/shopware/vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php",
            "line": 91,
            "function": "accessDenied",
            "class": "League\\OAuth2\\Server\\Exception\\OAuthServerException",
            "type": "::",
            "args": ["Missing \u0022Authorization\u0022 header"]
          },
          {
            "file": "/var/www/shopware/vendor/shopware/core/Framework/Api/OAuth/BearerTokenValidator.php",
            "line": 46,
            "function": "validateAuthorization",
            "class": "League\\OAuth2\\Server\\AuthorizationValidators\\BearerTokenValidator",
            "type": "-\u003E",
            "args": [{}]
          },
          {
            "file": "/var/www/shopware/vendor/league/oauth2-server/src/ResourceServer.php",
            "line": 84,
            "function": "validateAuthorization",
            "class": "Shopware\\Core\\Framework\\Api\\OAuth\\BearerTokenValidator",
            "type": "-\u003E",
            "args": [{}]
          },
          {
            "file": "/var/www/shopware/vendor/shopware/core/Framework/Api/EventListener/Authentication/ApiAuthenticationListener.php",
            "line": 117,
            "function": "validateAuthenticatedRequest",
            "class": "League\\OAuth2\\Server\\ResourceServer",
            "type": "-\u003E",
            "args": [{}]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/event-dispatcher/Debug/WrappedListener.php",
            "line": 117,
            "function": "validateRequest",
            "class": "Shopware\\Core\\Framework\\Api\\EventListener\\Authentication\\ApiAuthenticationListener",
            "type": "-\u003E",
            "args": [{}, "kernel.controller", {}]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/event-dispatcher/EventDispatcher.php",
            "line": 230,
            "function": "__invoke",
            "class": "Symfony\\Component\\EventDispatcher\\Debug\\WrappedListener",
            "type": "-\u003E",
            "args": [{}, "kernel.controller", {}]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/event-dispatcher/EventDispatcher.php",
            "line": 59,
            "function": "callListeners",
            "class": "Symfony\\Component\\EventDispatcher\\EventDispatcher",
            "type": "-\u003E",
            "args": [
              [
                {},
                {},
                {},
                {},
                {},
                {},
                {},
                {},
                {},
                {},
                {},
                {},
                {},
                {},
                {},
                {},
                {}
              ],
              "kernel.controller",
              {}
            ]
          },
          {
            "file": "/var/www/shopware/vendor/shopware/core/Framework/Webhook/WebhookDispatcher.php",
            "line": 81,
            "function": "dispatch",
            "class": "Symfony\\Component\\EventDispatcher\\EventDispatcher",
            "type": "-\u003E",
            "args": [{}, "kernel.controller"]
          },
          {
            "file": "/var/www/shopware/vendor/shopware/core/Framework/Event/BusinessEventDispatcher.php",
            "line": 46,
            "function": "dispatch",
            "class": "Shopware\\Core\\Framework\\Webhook\\WebhookDispatcher",
            "type": "-\u003E",
            "args": [{}, "kernel.controller"]
          },
          {
            "file": "/var/www/shopware/vendor/shopware/core/Framework/Event/NestedEventDispatcher.php",
            "line": 32,
            "function": "dispatch",
            "class": "Shopware\\Core\\Framework\\Event\\BusinessEventDispatcher",
            "type": "-\u003E",
            "args": [{}, "kernel.controller"]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php",
            "line": 151,
            "function": "dispatch",
            "class": "Shopware\\Core\\Framework\\Event\\NestedEventDispatcher",
            "type": "-\u003E",
            "args": [{}, "kernel.controller"]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/http-kernel/HttpKernel.php",
            "line": 145,
            "function": "dispatch",
            "class": "Symfony\\Component\\EventDispatcher\\Debug\\TraceableEventDispatcher",
            "type": "-\u003E",
            "args": [{}, "kernel.controller"]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/http-kernel/HttpKernel.php",
            "line": 79,
            "function": "handleRaw",
            "class": "Symfony\\Component\\HttpKernel\\HttpKernel",
            "type": "-\u003E",
            "args": [
              {
                "attributes": {},
                "request": {},
                "query": {},
                "server": {},
                "files": {},
                "cookies": {},
                "headers": {}
              },
              1
            ]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/http-kernel/Kernel.php",
            "line": 195,
            "function": "handle",
            "class": "Symfony\\Component\\HttpKernel\\HttpKernel",
            "type": "-\u003E",
            "args": [
              {
                "attributes": {},
                "request": {},
                "query": {},
                "server": {},
                "files": {},
                "cookies": {},
                "headers": {}
              },
              1,
              true
            ]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/http-kernel/HttpCache/SubRequestHandler.php",
            "line": 85,
            "function": "handle",
            "class": "Symfony\\Component\\HttpKernel\\Kernel",
            "type": "-\u003E",
            "args": [
              {
                "attributes": {},
                "request": {},
                "query": {},
                "server": {},
                "files": {},
                "cookies": {},
                "headers": {}
              },
              1,
              true
            ]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/http-kernel/HttpCache/HttpCache.php",
            "line": 477,
            "function": "handle",
            "class": "Symfony\\Component\\HttpKernel\\HttpCache\\SubRequestHandler",
            "type": "::",
            "args": [
              {},
              {
                "attributes": {},
                "request": {},
                "query": {},
                "server": {},
                "files": {},
                "cookies": {},
                "headers": {}
              },
              1,
              true
            ]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/http-kernel/HttpCache/HttpCache.php",
            "line": 450,
            "function": "forward",
            "class": "Symfony\\Component\\HttpKernel\\HttpCache\\HttpCache",
            "type": "-\u003E",
            "args": [
              {
                "attributes": {},
                "request": {},
                "query": {},
                "server": {},
                "files": {},
                "cookies": {},
                "headers": {}
              },
              true
            ]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/http-kernel/HttpCache/HttpCache.php",
            "line": 344,
            "function": "fetch",
            "class": "Symfony\\Component\\HttpKernel\\HttpCache\\HttpCache",
            "type": "-\u003E",
            "args": [
              {
                "attributes": {},
                "request": {},
                "query": {},
                "server": {},
                "files": {},
                "cookies": {},
                "headers": {}
              },
              true
            ]
          },
          {
            "file": "/var/www/shopware/vendor/symfony/http-kernel/HttpCache/HttpCache.php",
            "line": 222,
            "function": "lookup",
            "class": "Symfony\\Component\\HttpKernel\\HttpCache\\HttpCache",
            "type": "-\u003E",
            "args": [
              {
                "attributes": {},
                "request": {},
                "query": {},
                "server": {},
                "files": {},
                "cookies": {},
                "headers": {}
              },
              true
            ]
          },
          {
            "file": "/var/www/shopware/vendor/shopware/core/HttpKernel.php",
            "line": 163,
            "function": "handle",
            "class": "Symfony\\Component\\HttpKernel\\HttpCache\\HttpCache",
            "type": "-\u003E",
            "args": [
              {
                "attributes": {},
                "request": {},
                "query": {},
                "server": {},
                "files": {},
                "cookies": {},
                "headers": {}
              },
              1,
              true
            ]
          },
          {
            "file": "/var/www/shopware/vendor/shopware/core/HttpKernel.php",
            "line": 80,
            "function": "doHandle",
            "class": "Shopware\\Core\\HttpKernel",
            "type": "-\u003E",
            "args": [
              {
                "attributes": {},
                "request": {},
                "query": {},
                "server": {},
                "files": {},
                "cookies": {},
                "headers": {}
              },
              1,
              true
            ]
          },
          {
            "file": "/var/www/shopware/public/index.php",
            "line": 77,
            "function": "handle",
            "class": "Shopware\\Core\\HttpKernel",
            "type": "-\u003E",
            "args": [
              {
                "attributes": {},
                "request": {},
                "query": {},
                "server": {},
                "files": {},
                "cookies": {},
                "headers": {}
              }
            ]
          }
        ],
        "file": "/var/www/shopware/vendor/league/oauth2-server/src/Exception/OAuthServerException.php",
        "line": 243
      }
    }
  ]
}

Wenn ich beim erstellen eine Exerne PDF anhänge, kann ich sie unterladen, obwohl er da komischerweise einen „_“ vor und hinter den Dateinamen setzt.

Ich kann die erstellte Lieferschein PDF unter ./media/…/ finden.

Weiß jemand, was da schief laufen kann?

Außerdem, weiß jemand, ob man die erstellten PDFs weiter customizen kann, als es das admin settings interface hergibt?

Okay der „Network“ tab in der Chrome dev console hat weitergeholfen.
Die downloads wurden von unserer Shophos XG Firewall geblockt.