Skip to content

Remove VITE_CALDERA_URL and use window.location.origin to route API requests #67

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 28, 2025
Merged

Remove VITE_CALDERA_URL and use window.location.origin to route API requests #67

merged 1 commit into from
Feb 28, 2025

Conversation

daw1012345
Copy link
Contributor

@daw1012345 daw1012345 commented Dec 26, 2024
edited
Loading

Use window.location.origin to decide where to route API requests.

VITE_CALDERA_URL adds complexity with no clear benefit. It is very easy to misconfigure (especially when magma was built outside of container, the .env file was changed, and then the Docker container was built). When it is misconfigured, there is no error and the UI just seems unresponsive.

Due to CORS and tight coupling between caldera and magma, it is very unlikely that the URL is going to be anything other than the value held in window.location.origin. In all other scenarios, a reverse proxy should be used.

@daw1012345
Remove VITE_CALDERA_URL
afbc80a 
Use window.location.origin to decide where to route API requests. VITE_CALDERA_URL added more complexity with little benefit
@daw1012345 daw1012345 mentioned this pull request Dec 26, 2024
Merged
5 tasks
@rfulwell
Copy link

Excellent changes! 🚀

@rfulwell
Copy link

I was able to confirm this fix by cloning these changes from @daw1012345 into my local caldera/plugins/magma repo.
I checked that the server allowed valid logins at both localhost and 127.0.0.1 with no changes to the server. This was the simplest case that I found to demonstrate the broken logins previously. I verified the fix both with and without --insecure on the command line (--fresh was required to reset the saved server state).

@elegantmoose These changes will resolve a number of issues and discussions in the caldera repo and generally make the project much easier to work with.

@elegantmoose
Copy link
Contributor

@djlawren are still fresh on previous changes to look at this one?

@mosajjal mosajjal mentioned this pull request Feb 25, 2025
Closed
@elegantmoose
Copy link
Contributor

@daw1012345 @rfulwell picking this up myself today .Appreciate your patience.

@elegantmoose
Copy link
Contributor

@rfulwell @daw1012345 Were either of you able to test remote login on this PR? (ie logging in from system other than one Caldera is one)

@elegantmoose
Copy link
Contributor

tested local login, works correctly.

@elegantmoose
Copy link
Contributor

@rcamurphy tested remote login, works correctly.

@elegantmoose elegantmoose merged commit 32b5594 into mitre:master Feb 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@elegantmoose elegantmoose elegantmoose approved these changes

@djlawren djlawren Awaiting requested review from djlawren

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@daw1012345 @rfulwell @elegantmoose
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy