-
Notifications
You must be signed in to change notification settings - Fork 969
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Allow use of relative URLs in config #1754
Conversation
Codecov Report
@@ Coverage Diff @@
## master #1754 +/- ##
==========================================
- Coverage 75.13% 73.93% -1.20%
==========================================
Files 292 260 -32
Lines 15125 12715 -2410
==========================================
- Hits 11364 9401 -1963
+ Misses 2950 2685 -265
+ Partials 811 629 -182
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To prevent regression of this bug (again 😅), it would be good to add a case to one of the handlers that ensures it actually does a relative redirect when configured to do so.
Ideally even in all flow handlers like https://github.com/ory/kratos/blob/43c315022f05206f1ab0db82b3c98b3fd333921d/selfservice/flow/login/handler_test.go
https://github.com/ory/kratos/blob/43c315022f05206f1ab0db82b3c98b3fd333921d/selfservice/flow/registration/handler_test.go
and the others.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome, thank you for your contribution! This looks pretty good and I have some ideas how to improve it further :)
I added an explicit redirect check to the 3 handler tests that already had |
1a82ffc
to
b24e9a3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks a lot, this looks very good now 🎉
@@ -197,3 +197,17 @@ func SelfServiceMakeHookRequest(t *testing.T, ts *httptest.Server, suffix string | |||
require.NoError(t, err) | |||
return res, string(body) | |||
} | |||
|
|||
func GetSelfServiceRedirectLocation(t *testing.T, url string) string { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perfect 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work! :)
Could you add tests for the remaining (verification, settings, error) flows also please? :)
That ensures that this never unintentionally breaks - so it’s like an insurance for you :)
I can give it a shot, but since those flows don't have the |
Oh I see! If you have difficulties figuring it out feel free to ask here :) |
While the PR is being worked on I will mark it as a draft. That declutters our review backlog :) Once you're done with your changes and would like someone to review them, mark the PR as ready and request a review from one of the maintainers. Thank you! |
b24e9a3
to
2245446
Compare
Separate functions for absolute and relative URLS Add distinct test cases for relative urls
Add tests for error, verification, and settings flows
2245446
to
780ddd2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great job, thank you! :)
Re-running tests |
This PR reverts to previous behavior and allows relative uri-references for self-service URLS. This functionality matches the current documentation and addresses what seems like a bug that was introduced.
Our specific use case is an on-prem application that does not know it's hostname at deployment, and needs to be accessible by arbitrary DNS names or IP hostnames.
Related issue(s)
#1446
Checklist
contributing code guidelines.
vulnerability. If this pull request addresses a security. vulnerability, I
confirm that I got green light (please contact
[email protected]) from the maintainers to push
the changes.
works.
Further Comments
I don't believe a documentation change is needed, as this should be working already according to the config examples and schema. eg.
/Dashboard