Restore gateway redirect for CORS XHRs in Firefox #511
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Context for CORS XHR problems in Firefox: #436 In short, onBeforeRequest should not change anything, as it will trigger false-positive CORS error. onHeadersReceived is after CORS validation happens, so its ok to cancel and redirect late. This is not ideal, as there is an outgoing request to the public gateway, and we need to read response headers before connection is aborted, but we can't do better than that until https://bugzilla.mozilla.org/show_bug.cgi?id=1450965 is resolved.
|
💯 bonus points to @lidel for the issue report on bugzilla with minimal working extension to demonstrate the issue, and art lolz in the PR. |
olizilla
reviewed
Jul 3, 2018
add-on/src/lib/ipfs-request.js
Outdated
| @@ -65,7 +68,7 @@ function createRequestModifier (getState, dnsLink, ipfsPathValidator, runtime) { | |||
| if (request.url.includes('/api/v0/add')) { | |||
| for (let header of request.requestHeaders) { | |||
| if (header.name === 'Connection') { | |||
| console.log('[ipfs-companion] Executing "Connection: close" workaround for https://github.com/ipfs/go-ipfs/issues/5168') | |||
| console.warn('[ipfs-companion] Executing "Connection: close" workaround for go-ipfs/issues/5168') | |||
There was a problem hiding this comment.
nitpick: logs with urls in are great, let's keep it
lidel
added a commit
that referenced
this pull request
Jul 5, 2018
Dnslink lookup is disabled by default, but if user opted-in to it, many websites were broken due to invalid gateway redirects. This change fixes regression introduced by: #511 and adds tests to guard against the problem in future.
lidel
added a commit
that referenced
this pull request
Jul 5, 2018
Dnslink lookup is disabled by default, but if user opted-in to it, many websites were broken due to invalid gateway redirects. This change fixes regression introduced by: #511 and adds tests to guard against the problem in future.
lidel
added a commit
that referenced
this pull request
Jul 5, 2018
Dnslink lookup is disabled by default, but if user opted-in to it, many websites were broken due to invalid gateway redirects. This change fixes regression introduced by: #511 and adds tests to guard against the problem in future.
lidel
added a commit
that referenced
this pull request
Jul 5, 2018
Dnslink lookup is disabled by default, but if user opted-in to it, many websites were broken due to invalid gateway redirects. This change fixes regression introduced by: #511 and adds tests to guard against the problem in future.
lidel
added a commit
that referenced
this pull request
Jul 5, 2018
Dnslink lookup is disabled by default, but if user opted-in in latest version websites were broken due to false-positive late gateway redirects of XHR requests. This PR fixes dnslink regression introduced by #511 and adds tests to guard against the problem in future. Some deeper refactoring is due, but that is something for separate PR. I want to land this PR as soon as possible, so that dnslink works again.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR restores gateway redirect for CORS XHR in Firefox via late redirect in
onHeadersReceivedand closes #436.Context for why CORS XHR were not redirected until now can be found in #436 (comment) and upstream Bug #1450965.
In short,
onBeforeRequestcan't redirect anything when CORS XHR is processed, otherwise it will trigger false-positive CORS error. Good news is thatonHeadersReceivedis executed long after CORS validation happens in Firefox, and allows us to cancel original connection and do a late redirect right after response headers arrive.This is the best we can do until upstream Bug #1450965 is addressed.
Additional Notes:
I raised privacy concerns in the upstream bug.
Developers look for an efficient workaround in WebExtension API
Jean-François Millet, 1857, Oil on canvas