-
Notifications
You must be signed in to change notification settings - Fork 112
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Filter root path according to the agent that makes the request #2212
Conversation
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you confirm once that contexts from web requests are propagated here? We do pass the same context (https://github.com/cs3org/reva/blob/master/internal/http/services/owncloud/ocdav/get.go#L63) but let's confirm it once
Also please look at my review from the last PR
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I meant moving the IsUserAgentAllowed
method to a separate package 😅
cb14ff3
to
b570bd9
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can anybody elaborate what that is used for? For me, this looks error prone and maybe incomplete, depending on what should be achieved. I think this kind of code will never catch all UserAgents (not talking about simply spoofing the UA) and should be avoided whenever possible.
@dragotin The aim of this is to filter the root path view based on the agent that make the request. For example we would like to just view the home directory from the directory, while still see the home and shares from the sync client. |
@ishank011 I have just tested and the user agent from the http request is not propagated into the grpc requests |
97f6f9d
to
f2edb06
Compare
This pull request introduces 1 alert when merging f2edb06 into 867d1e2 - view on LGTM.com new alerts:
|
Why don't we use this here?
|
4fe3820
to
01a37b6
Compare
I will leave a comment here to keep track on what we discussed yesterday and other thought I have after playing with user agents in GRPC. Actually this is the way of specifying a user agent in a grpc call, that internally updates the outcoming metadata in the context when you will call a grpc method, and you can find the user agent in the incoming metadata in the context server-side. But, even if you specify your own user agent, this will be concatenated with the string "grpc-go/". I do not know if this can broke the library we use to parse the user agents, maybe not. But the main problem of using this approach is that for each time you want to get a grpc client for a service you need to specify the user agent that will do the request, if not specified, grpc automatically will set its default ("grpc-go/"). This means that we should modify all the methods in the pool pkg to receive a user agent. But I do not like this approach as we cannot cache anymore the grpc connection for each endpoint address, but we should cache also the user agent. In fact after a dial, there is no way to override it after creating a new connection (I tried also modifying the internal metadata of a context before a call, but apparently grpc reset it with the user agent passed to the Dial method). So I preferred to define my own user agent token that will be managed internally by reva and not by grpc. With this approach we do not have the cons mentioned above. Of course the user agent log did not work, as it was reading the grpc user-agent metadata, and not the new one. Now it’s fixed and you should see the correct user agent in the log. |
681d371
to
b0fd276
Compare
b0fd276
to
6dee4ab
Compare
No description provided.