74 changes: 64 additions & 10 deletions nginx/default.conf
Expand Up @@ -24,6 +24,10 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_verify off;

# CORS headers
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
Comment on lines +27 to +30

Copilot AI Jul 14, 2025


CORS headers are repeated in multiple location blocks. Consider moving common headers into a shared include or a global http/server context to reduce duplication.

Suggested change
# CORS headers
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;

}

location ~ ^/([^/]+)/priv/(.*) {
Expand All @@ -33,38 +37,88 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_verify off;

# CORS headers
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Expose-Headers X-Redirect-Location always;
}

location ~ ^/[^/]+/(tmp|ilx)_.*\.(html|ttl|jsonld|n3|owl|csv)$ {
proxy_pass https://uri.olympiangods.org$request_uri;
proxy_set_header Host $host;
proxy_pass https://uri.olympiangods.org;
proxy_set_header Host uri.olympiangods.org;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_verify off;

# CORS headers
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
}

location ~ ^/[^/]+/ontologies/uris/.*\.(html|jsonld)$ {
proxy_pass https://uri.olympiangods.org;
proxy_set_header Host uri.olympiangods.org;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_verify off;

# CORS headers
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
}

location ~ ^/[^/]+/ontologies/uris/.*/spec$ {
proxy_pass https://uri.olympiangods.org$request_uri;
proxy_set_header Host $host;
proxy_pass https://uri.olympiangods.org;
proxy_set_header Host uri.olympiangods.org;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

# Forward Authorization header if present
proxy_set_header Authorization $http_authorization;

proxy_ssl_verify off;

# Handle 303 redirects
proxy_intercept_errors on;
error_page 303 = @handle_303;

# CORS headers
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Expose-Headers X-Redirect-Location always;
}

# Handle 303 redirects: move Location to X-Redirect-Location
proxy_intercept_errors on;
error_page 303 = @handle_303;
location ~ ^/[^/]+/[^/]+/versions$ {
proxy_pass https://uri.olympiangods.org;
proxy_set_header Host uri.olympiangods.org;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_verify off;

# CORS headers
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
}

# Handle 303 redirects for spec endpoint
location @handle_303 {
internal;
proxy_pass https://uri.olympiangods.org;

Copilot AI Jul 14, 2025


The @handle_303 block uses a static proxy_pass URL, which discards the original request URI. Use $request_uri or append $uri to preserve the path when forwarding.

Suggested change
proxy_pass https://uri.olympiangods.org;
proxy_pass https://uri.olympiangods.org$request_uri;

proxy_set_header Host uri.olympiangods.org;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Authorization $http_authorization;
proxy_ssl_verify off;

# Move Location header to X-Redirect-Location
proxy_hide_header Location;
add_header X-Redirect-Location $upstream_http_location always;
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Expose-Headers X-Redirect-Location always;
}

location /static/ {
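Review bot: Every new `add_header Access-Control-Allow-Origin $http_origin always;` is paired with `Access-Control-Allow-Credentials true`, so whatever origin the browser sends is echoed back and allowed to read credentialed responses; this applies to each location block in this file, including `@handle_303`, which also forwards `Authorization` upstream. Resolve the origin through an allowlist instead, for example `map $http_origin $cors_origin { default ""; "https://app.example.org" $http_origin; }` at `http` level (the origin shown is a placeholder) and `add_header Access-Control-Allow-Origin $cors_origin always;` in each location. Adding `add_header Vary Origin always;` keeps caches from serving one origin's response to another. The `proxyRes` handlers in vite.config.js reflect `req.headers.origin` the same way.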
8 changes: 4 additions & 4 deletions src/components/Auth/Login.jsx
Expand Up @@ -50,13 +50,13 @@ const Login = () => {
const { code, cookies, groupname } = e.data;
if (code === 200 || code === 302) {
const _cookies = JSON.parse(cookies);
const sessionCookie = _cookies.find(cookie => cookie.name === "session");
const sessionCookie = _cookies && Object.prototype.hasOwnProperty.call(_cookies, 'session') ? _cookies['session'] : undefined;
let expires = new Date()
if (sessionCookie && (existingCookies['session'] === undefined)) {
expires.setTime(expires.getTime() + (2 * 24 * 60 * 60 * 1000)); // 2 days
setCookie(
'session',
sessionCookie.value,
sessionCookie,

Copilot AI Jul 14, 2025


setCookie expects a string value, but sessionCookie may be an object. Pass sessionCookie.value or serialize the correct property instead.

{
path: '/',
secure: false,
Expand All @@ -79,10 +79,10 @@ const Login = () => {
localStorage.setItem(API_CONFIG.SESSION_DATA.SETTINGS, JSON.stringify(userData));
localStorage.setItem(API_CONFIG.SESSION_DATA.COOKIE, JSON.stringify({
name: 'session',
value: sessionCookie.value,
value: sessionCookie,
expires: expires
}));
localStorage.setItem("token", sessionCookie.value)
localStorage.setItem("token", sessionCookie)

Copilot AI Jul 14, 2025


You are storing the entire cookie object in localStorage instead of its string value. Use sessionCookie.value for the token.

Suggested change
localStorage.setItem("token", sessionCookie)
localStorage.setItem("token", sessionCookie.value || sessionCookie)

setUserData({
name: userData['groupname'],
id: userData['orcid'],
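Review bot: `JSON.parse(cookies)` and the new `_cookies['session']` lookup take their input straight from `e.data`, and the result is persisted as the session cookie and as `token` in localStorage with no check in this hunk that the message came from the expected login window. The handler starts outside the hunk, so an origin check may already exist; if it does not, add one before the destructuring, e.g. `if (e.origin !== LOGIN_ORIGIN) return;` (`LOGIN_ORIGIN` is a placeholder for the configured login host). Wrapping the parse in `try`/`catch` and accepting the value only when `typeof sessionCookie === 'string'` would keep a malformed message from throwing inside the handler or storing a non-string token. The cookie options shown as context set `secure: false`, and the copy in localStorage is readable by any script on the page, so both deserve a comment explaining why they are acceptable here.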
19 changes: 15 additions & 4 deletions vite.config.js
Expand Up @@ -63,7 +63,6 @@ export default defineConfig({
console.log('Received Response from the Target:', proxyRes.statusCode, req.url);
const location = proxyRes.headers['location'];
console.log('Received location', location);

if (proxyRes.statusCode === 303 && location) {
// Prevent browser from seeing the actual Location
delete proxyRes.headers['location'];
Expand All @@ -79,7 +78,6 @@ export default defineConfig({
res.setHeader('Access-Control-Allow-Credentials', 'true');
res.setHeader('Access-Control-Expose-Headers', 'X-Redirect-Location');
});

},
},
'^/[^/]+/(tmp|ilx)_.*\\.(html|ttl|jsonld|n3|owl|csv)$': {
Expand Down Expand Up @@ -123,13 +121,11 @@ export default defineConfig({
proxyReq.setHeader('Authorization', req.headers.authorization);
}
});

proxy.on('proxyRes', (proxyRes, req, res) => {
const location = proxyRes.headers['location'];

if (proxyRes.statusCode === 303 && location) {
delete proxyRes.headers['location'];
res.statusCode = 200; // Prevent browser redirect
res.setHeader('X-Redirect-Location', location);
res.setHeader('Access-Control-Allow-Origin', req.headers.origin || '*');
res.setHeader('Access-Control-Allow-Credentials', 'true');
Expand All @@ -148,6 +144,21 @@ export default defineConfig({
res.setHeader('Access-Control-Expose-Headers', 'X-Redirect-Location');
});
},
},
'^/[^/]+/[^/]+/versions$': {

Copilot AI Jul 14, 2025


The new versions proxy block duplicates header-handling logic from other routes. Consider extracting common proxy event handlers into a helper to avoid repetition.

target: 'https://uri.olympiangods.org',
changeOrigin: true,
secure: false,
rewrite: path => path, // Keep full path
configure: (proxy) => {
proxy.on('proxyRes', (proxyRes, req, res) => {
const origin = req.headers.origin;
if (origin) {
res.setHeader('Access-Control-Allow-Origin', origin);
}
res.setHeader('Access-Control-Allow-Credentials', 'true');
});
},
}
},
},
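Review bot: The new `'^/[^/]+/[^/]+/versions$'` proxy entry sets `secure: false`, which turns off certificate verification for the connection to `https://uri.olympiangods.org`, so the proxy accepts any certificate presented for that host. The nginx locations added in this PR do the same with `proxy_ssl_verify off;`, and two of them forward the `Authorization` header over that unverified connection. If the upstream has a valid public certificate, drop `secure: false` here, and in nginx use `proxy_ssl_verify on;` with `proxy_ssl_trusted_certificate <path-to-CA-bundle>;` and `proxy_ssl_server_name on;`. If verification was disabled to work around a certificate problem, a comment saying so next to the setting would help the next reader.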