Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add advanced setting for enabling plain HTTP domains #403

Merged
merged 15 commits into from
Feb 10, 2025
Merged

add advanced setting for enabling plain HTTP domains #403

merged 15 commits into from
Feb 10, 2025

Conversation

TheCactusBlue
Copy link
Contributor

@TheCactusBlue TheCactusBlue commented Jan 28, 2025
edited by ellipsis-dev bot
Loading

Important

Add support for enabling plain HTTP domains for development in domain configuration and validation.

  • Behavior:
    • Added allowInsecureHttp boolean to domain configuration in page-client.tsx.
    • Updated domain validation to allow HTTP if allowInsecureHttp is true.
    • Added UI switch for enabling HTTP domains in EditDialog.
  • Validation:
    • Removed projectTrustedDomainSchema and updated domainSchema to allow HTTP.
  • Tests:
    • Added test cases in projects.test.ts for allowing HTTP domains and rejecting non-HTTP protocols.

This description was created by Ellipsis for 735fba1. It will automatically update as commits are pushed.

@vercel Vercel
Copy link

vercel bot commented Jan 28, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
stack-backend ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 10, 2025 6:17am
stack-dashboard ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 10, 2025 6:17am
stack-demo ✅ Ready (Inspect) Visit Preview 💬 Add feedback Feb 10, 2025 6:17am

@CLAassistant
Copy link

CLAassistant commented Jan 28, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

fomalhautb
fomalhautb reviewed Jan 29, 2025
View reviewed changes
Copy link
Contributor

@fomalhautb fomalhautb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me other than the few comments

apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/domains/page-client.tsx Outdated Show resolved Hide resolved
.github/workflows/setup-tests.yaml Outdated Show resolved Hide resolved
packages/stack-shared/src/interface/crud/projects.ts Show resolved Hide resolved
N2D4
N2D4 requested changes Jan 29, 2025
View reviewed changes
Copy link
Contributor

@N2D4 N2D4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some comments below. btw when doing UI changes, add a screenshot of the new UI for the reviewers

packages/stack-shared/src/interface/crud/projects.ts Outdated Show resolved Hide resolved
apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/domains/page-client.tsx Outdated Show resolved Hide resolved
@N2D4
Copy link
Contributor

N2D4 commented Jan 29, 2025

also, can you add an E2E test for this?

ellipsis-dev[bot]
ellipsis-dev bot reviewed Feb 6, 2025
View reviewed changes
apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/domains/page-client.tsx Outdated
.transform((value) => 'https://' + value)
domain: yup.string()
.matches(DOMAIN_REGEX, "Invalid domain")
.test('is-domain', (domain) => {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The custom Yup test always uses 'https://' when calling createUrlIfValid. Consider referencing the allowInsecureHttp flag (via this.parent) so that if plain HTTP is enabled, the proper protocol is validated. Also consider adding an explicit error message for clarity.

@N2D4
Copy link
Contributor

N2D4 commented Feb 9, 2025

@TheCactusBlue can you add E2E tests, and then merge this?

ellipsis-dev[bot]
ellipsis-dev bot reviewed Feb 10, 2025
View reviewed changes
apps/e2e/tests/backend/endpoints/api/v1/projects.test.ts
`);
});

it("should not allow protocols other than http(s) in trusted domains", async ({ expect }) => {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The test description 'should not allow protocols other than http(s)' is inconsistent with the inline snapshot which still returns status 200 and includes the 'whatever://' protocol. Please verify if disallowed protocols should result in an error response.

@fomalhautb fomalhautb merged commit 064b522 into dev Feb 10, 2025
13 of 15 checks passed
@fomalhautb fomalhautb deleted the http-domains branch February 10, 2025 18:07
TheCactusBlue added a commit that referenced this pull request Feb 11, 2025
@TheCactusBlue
fix tests from PR #403
9a25336
TheCactusBlue added a commit that referenced this pull request Feb 11, 2025
@TheCactusBlue
fix tests from PR #403 (#427)
b28eadb
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fomalhautb fomalhautb fomalhautb left review comments

@ellipsis-dev ellipsis-dev[bot] ellipsis-dev[bot] left review comments

@N2D4 N2D4 N2D4 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@TheCactusBlue @CLAassistant @N2D4 @fomalhautb