Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(server): 🩹 Using sessionID as a fallback to requests where referer is missing. #20

Merged
merged 2 commits into from
Oct 23, 2023

Conversation

whizzzkid
Copy link
Contributor

In this PR:

  • This is a temp fix for Tiros.
  • This is also a bridge fix for subdomain gateways #16
  • The requests so far relied on referer data to understand the root ipns link. However that may not always be true.
  • This stores the ipns path as a sessionID making it as a fallback later.
web3.storage

@whizzzkid whizzzkid requested a review from SgtPooki October 20, 2023 21:40
Copy link
Member

@SgtPooki SgtPooki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just some comments

* Computes referer path for the request.
*/
private fetchRefererPath ({ request }: IRouteHandler): string {
let refererPath = new URL(request.headers.referer ?? 'http://ipfs.io').pathname
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

defaulting to 'ipfs.io' here seems wrong. why not default to ${currentUrl}?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not currentUrl (because pathname) but request.hostname should work.

private fetchRefererPath ({ request }: IRouteHandler): string {
let refererPath = new URL(request.headers.referer ?? 'http://ipfs.io').pathname
if (refererPath === '/') {
refererPath = request.sessionID
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we use sessionId in scenarios other than when refererPath === '/'?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

referrer should be more reliable, in most cases, this is just a fallback.

/**
* Computes referer path for the request.
*/
private fetchRefererPath ({ request }: IRouteHandler): string {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
private fetchRefererPath ({ request }: IRouteHandler): string {
private getRefererFromRouteHandler ({ request }: IRouteHandler): string {

I don't think we should use the term fetch here.

Also, (joke) just because HTTP spec spells referrer wrong doesn't mean we need to? =P

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it was driving me crazy, sorry tired of seeing two different spellings.

await heliaServer.isReady
app.use(session({
genid: heliaServer.sessionId,
secret: 'very secret value'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: too secret of a value. please remove from commit history.

Signed-off-by: Nishant Arora <[email protected]>
@whizzzkid whizzzkid merged commit 732c655 into main Oct 23, 2023
1 check passed
whizzzkid added a commit that referenced this pull request Oct 26, 2023
* main: (27 commits)
  feat(e2e): add /api/v0/repo/gc test
  chore: disable METRICS on CI e2e test runs
  test: add e2e test for /api/v0/version endpoint
  feat(server): ⚡️ Subdomain Gateway Using Fastify (#31)
  feat: use production level docker settings (#26)
  chore: remove unused playwright init code
  fix: use active LTS in package.json engines
  fix: playwright CI node-version=20
  test: get clinic flame & doctor output from e2e tests
  test: e2e updates
  fix: use HOST constant in healthcheck
  fix: use HOST constant
  test: cleanup playwright test code
  test: add playwright tests
  feat: move HOST,PORT to src/constants.ts
  fix: ✏️  Fixing urls. (#23)
  fix: ✏️ helia-docker -> helia-http-gateway (#22)
  build(deps): Bump @babel/traverse and depcheck (#13)
  feat: add health-check (#21)
  fix(server): 🩹 Using sessionID as a fallback to requests where referer is missing. (#20)
  ...

Signed-off-by: Nishant Arora <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants