Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Networking] Use CORS proxy for all PHP requests #1901

Draft
wants to merge 1 commit into
base: trunk
Choose a base branch
from
Draft

[Networking] Use CORS proxy for all PHP requests #1901

wants to merge 1 commit into from

Conversation

adamziel
Copy link
Collaborator

Adjusts setupFetchNetworkTransport() to funnel all PHP-sourced network requests through the CORS proxy.

This is intentionally not adding that logic to the fetch event handler in the service worker, as that would also affect all the cross-origin fetch() requests initiated by JavaScript shipped with WordPress plugins.

Related to #85

Changes in this PR

  • Adds a corsProxyUrl option to setupFetchNetworkTransport()
  • Adds the constants required by the CORS proxy to run in the local dev setup
  • Configures the CORS proxy to provide the Access-Control-Allow-Origin headers in the local setup where it's running on a different host.

Concerns

  • Is it too permissive?
  • I built this to turn Playground into an RSS reader with @akirk's Friends plugins. It can fetch the list of feeds as expected, but then it usess SimplePie to parse the feeds and that requires curl which we don't provide in the web version of Playground. PHP: Support http:// https:// and ssl:// stream wrappers #1093 is a blocker for that. I may not be able to prioritize this PR until the blocker is resolved.

Testing changes

TBD

cc @brandonpayton

@adamziel
Remote: Use CORS proxy for all PHP requests
d53f818 
Adjusts setupFetchNetworkTransport() to funnel all PHP-sourced
network requests through the CORS proxy.

This is intentionally not adding that logic to the `fetch` event handler
in the service worker, as that would also affect all the cross-origin
`fetch()` requests initiated by JavaScript shipped with WordPress
plugins.

 ## Changes in this PR

* Adds a `corsProxyUrl` option to `setupFetchNetworkTransport()`
* Adds the constants required by the CORS proxy to run in the local dev setup
* Configures the CORS proxy to provide the Access-Control-Allow-Origin
  headers in the local setup where it's running on a different host.

 ## Concerns

* Is it too permissive?
* I built this to turn Playground into an RSS reader with @akirk's
  Friends plugins. It can fetch the list of feeds as expected, but then
  it usess SimplePie to parse the feeds and that requires curl which we
  don't provide in the web version of Playground. #1093 is a blocker for
  that. Until that's resolved, I'm not compelled to prioritize this.

 ## Testing changes

TBD
@adamziel adamziel changed the title Remote: Use CORS proxy for all PHP requests [Networking] Use CORS proxy for all PHP requests Oct 15, 2024
brandonpayton
brandonpayton reviewed Oct 17, 2024
View reviewed changes
packages/playground/php-cors-proxy/cors-proxy-dev-setup.php
@@ -0,0 +1,4 @@
<?php

define('PLAYGROUND_CORS_PROXY_DISABLE_RATE_LIMIT', true);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for accounting for the dev setup, @adamziel. This is something I missed when adding rate-limiting.

@adamziel adamziel mentioned this pull request Oct 24, 2024
Open
@akirk akirk mentioned this pull request Nov 18, 2024
Open
@chriszarate chriszarate mentioned this pull request Nov 21, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brandonpayton brandonpayton brandonpayton left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
[Aspect] Networking [Aspect] Website Blocked [Feature] PHP.wasm [Type] Enhancement New feature or request
Projects
Playground Board
Status: Blocked
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@adamziel @brandonpayton