-
-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multi-domain support, ROOT_URL problem, use relative URLs in templates instead of absolute URLs #19345
Comments
+1, relative URLs may even enable use cases like running on multiple domains. Thought IIRC, ROOT_URL still needs to stay in the config because sometimes absolute URLs need to be built, like for PR link when pushing via SSH. But it's good nonetheless to remove dependencies on ROOT_URL where possible. |
We need a new global variable |
As seen in #20450, dashboard repo links are one example of incorrect absolute URLs. |
First time I have tried gitea and find it surprising that there is no mention of this at all on the docs. The docs give an impression that the user can set the environment, but this is incorrect. I'll give a subset of examples, there are several more: Documentation: Install with docker Gitea explicitly overrides a lot of headers and links. The advice to differentiate the environment e.g. inside and outside a container, only makes sense if the application offers the configuration feature. E.g. docker mapping to port 3000, instead of 80 or 443, will make you really wonder what the source of the fault is then links dont work. At least by mimic'ing the env on standard ports, some subset will resolve properly. Documentation: Managing deployments with environemt variables This is pure misinformation as the application never properly supported configuration in this manner. The docs seems to be describing a roadmap of how it should end up to be, rather than the factual. Documentation: Recommended server configuration and Documentation: reverse proxies No, the application will override the proxy headers e.g. all of the repository links. This will break your env if you rely on the proxy with redirects URI also. If you follow the docs you will end up with a broken system going in a loop until you find the source of the problem. Would it be possible to mention that this doesnt work on the docs? :) |
So what is the fix here? Refactor HTMLURL to return relative URLS and punt explicit absolute URLS to new config options like SSH? This seems to be an epic but all issues except one (but I think more is needed than JS here) is left open. |
So I think we need an I found it's difficult to get the right root url in the backend because maybe there are some reverse proxies. So it's only done by frontend. But |
I do not think so. No more option is needed. I do not agree with "when a request to a disallowed root url, Gitea should return 404 or redirect to 404.": it's not related to this problem, and it's never a real problem. The proper solution is to refactor most HTMLURLs in templates to relative URLs. And the global ROOT_URL is necessary and must, see the origin comment:
|
To explain why "mismatched ROOT_URL makes the web UI doesn't work properly": because the CSRF tokens and cookies can not work across origin. Users will be affected by: be redirected to a non-login site, fail to do ajax requests, fail to submit forms, etc. (I updated the origin comment) I had a full plan about how to do the refactoring, but doing refactoring for Gitea is pretty difficult. Unless there are enough maintainers promising to support this refactoring, I do not have confidence to work on it. |
I just hit this warning after upgrading an instance to 1.17 (from 1.15?) with ROOT_URL set to its FQDN (e.g. http://git.domain.local:3000/) Now most users on this network get a DNS-suffix (e.g. domain.local) provided by DHCP who access the frontend using just the hostname (http://git:3000) for convenience who now get the warning about the supposedly "wrong" ROOT_URL:
Which doesn't make a whole lot of sense to begin with: Now, as a workaround, i could pipe gitea through a reverse proxy to redirect git to git.domain.local pointing A to the reverse proxy to get rid of the warning but this would ultimately break ssh unless i also add an ssh proxy. So either ignore the warning in this scenario (option in app.ini?) or add the redirect to the build in webserver shipping with gitea as this is only affecting the web part anyway. Cheers |
If you are sure you can ignore the warning, there is a bypass method to hide the warning, see the FAQ in #18971 .
edited: |
Thank you very much, i found the PR after posting the comment.
Hacky but it works 😁 edited by wxiaoguang: |
This comment was marked as outdated.
This comment was marked as outdated.
|
Got it. Thanks for your very kind notice. |
hi, how to force bind to only one domain name? e.g. allow http://localhost but disable directly access by ip: http://127.0.0.1 if the ROOT_URL is https://git.domain/. how to forbid other users to visit it by https://git/ , if they both point to same IP address? |
You can do that in reverseproxy. |
thank you . I want to achieve this without another proxy service like nginx. there's a setting Http_addr to bind IP, but not for bind host. maybe I can modify template .tmpl page file to display blank page if detected ip |
Another possibly-related issue here - I'm trying to set up my instance so that it's accessible independently in two ways:
AFAICT, that's not possible for Docker registry operations since the response to |
…ontains an absolute url (#21986) partially fix #19345 This PR add some `Link` methods for different objects. The `Link` methods are not different from `HTMLURL`, they are lack of the absolute URL. And most of UI `HTMLURL` have been replaced to `Link` so that users can visit them from a different domain or IP. This PR also introduces a new javascript configuration `window.config.reqAppUrl` which is different from `appUrl` which is still an absolute url but the domain has been replaced to the current requested domain.
Re-opening as linked PR only partially resolved this issue |
Most problems in this issue have been addressed by #21986, so I think it's good to:
Now the "Multidomain support" is about 50%-70%.
|
After some PRs: * #21986 * #22795 * #22808 * #22831 * #22839 Users won't be affected by the ROOT_URL problem in most cases. Close #19345 This PR improves AppUrl/ROOT_URL checking, only check it on the admin page, and the message is also updated. Feel free to suggest about more English-native messages. ![image](https://user-images.githubusercontent.com/2114189/217811809-7d44ddb7-2c4a-46d0-a5db-8ae6ee65f8c3.png)
At the moment, Gitea users must set ROOT_URL correctly in
app.ini
, otherwise many URLs on the web UI will be wrong, which makes the web UI doesn't work properly (CSRF tokens and cookies can not work across domains)The ROOT_URL must be set to the full URL which the users visit, with correct scheme(eg:
https://the-gitea-domain/
) and correct sub path if it is used (eg:https://the-gitea-domain/my-gitea-path/
).New code should always use relative URLs for Web UI.
Many maintainers have answered the issues about incorrect ROOT_URL again and again.
Using
HTMLURL
(and other absolute URLs) in templates is the root case that Gitea can only serve web under ROOT_URL.That's why we have to force users to set ROOT_URL correctly.
If all URLs in template can be refactored to use Relative URL correctly, then we do not need to force users set ROOT_URL correctly again and again.
The ROOT_URL is still needed because for example, some webhooks need the absolute URL for external systems, and Gitea should show absolute URL on the UI for clone link, etc.
Related:
Some more related:
window.location.origin
#20089 , it may resolve the incorrect redirection problem during installation.The PR to detect the problem:
The text was updated successfully, but these errors were encountered: