-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(server): 🩹 Using sessionID as a fallback to requests where referer is missing. #20
Conversation
…r is missing. Signed-off-by: Nishant Arora <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
just some comments
src/heliaServer.ts
Outdated
* Computes referer path for the request. | ||
*/ | ||
private fetchRefererPath ({ request }: IRouteHandler): string { | ||
let refererPath = new URL(request.headers.referer ?? 'http://ipfs.io').pathname |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
defaulting to 'ipfs.io' here seems wrong. why not default to ${currentUrl}
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not currentUrl (because pathname) but request.hostname
should work.
private fetchRefererPath ({ request }: IRouteHandler): string { | ||
let refererPath = new URL(request.headers.referer ?? 'http://ipfs.io').pathname | ||
if (refererPath === '/') { | ||
refererPath = request.sessionID |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should we use sessionId in scenarios other than when refererPath === '/'
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
referrer should be more reliable, in most cases, this is just a fallback.
src/heliaServer.ts
Outdated
/** | ||
* Computes referer path for the request. | ||
*/ | ||
private fetchRefererPath ({ request }: IRouteHandler): string { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
private fetchRefererPath ({ request }: IRouteHandler): string { | |
private getRefererFromRouteHandler ({ request }: IRouteHandler): string { |
I don't think we should use the term fetch
here.
Also, (joke) just because HTTP spec spells referrer wrong doesn't mean we need to? =P
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it was driving me crazy, sorry tired of seeing two different spellings.
await heliaServer.isReady | ||
app.use(session({ | ||
genid: heliaServer.sessionId, | ||
secret: 'very secret value' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: too secret of a value. please remove from commit history.
Signed-off-by: Nishant Arora <[email protected]>
* main: (27 commits) feat(e2e): add /api/v0/repo/gc test chore: disable METRICS on CI e2e test runs test: add e2e test for /api/v0/version endpoint feat(server): ⚡️ Subdomain Gateway Using Fastify (#31) feat: use production level docker settings (#26) chore: remove unused playwright init code fix: use active LTS in package.json engines fix: playwright CI node-version=20 test: get clinic flame & doctor output from e2e tests test: e2e updates fix: use HOST constant in healthcheck fix: use HOST constant test: cleanup playwright test code test: add playwright tests feat: move HOST,PORT to src/constants.ts fix: ✏️ Fixing urls. (#23) fix: ✏️ helia-docker -> helia-http-gateway (#22) build(deps): Bump @babel/traverse and depcheck (#13) feat: add health-check (#21) fix(server): 🩹 Using sessionID as a fallback to requests where referer is missing. (#20) ... Signed-off-by: Nishant Arora <[email protected]>
In this PR:
sessionID
making it as a fallback later.