Let's say we import https://www.a.com/page.html page. The requested page via the proxy is: http://localhost:3001/page.html?host=https://www.a.com.
This will set the hlx-proxyhost cookie value to https://www.a.com so that resources referenced on the https://www.a.com/page.html page (like images, js, css...) will not need the host query parameter (if their url do not contain the host name). For example, an image with src="/image.png" will be served by the proxy from https://www.a.com without requiring the host query param because the cookie contains the host.
Now if during the import process we need some resources from another host, something like a json file https://www.b.com/sheet.json. We can leverage the proxy and request http://localhost:3001/sheet.json?host=https://www.b.com which will prevent the CORS issues.
But... this request will re-set the hlx-proxyhost cookie value to https://www.b.com and then corrupt the import process: the subsequent requests without the host query param will try to fetch from b.com and not a.com like described above.
To solve that problem, we need to change how the cookie is set or consumed:
- we want the cookie to be set to
a.com so that we do not have to re-write all resources url / href / src to append the host query parameter
- if we need to hit a different host, we can specify the
host query param to get around the cookie value but NOT override the cookie value
As soon as we start dealing with different hosts, I think we need adobe/helix-cli#2072.
cc @mhaack
Let's say we import
https://www.a.com/page.htmlpage. The requested page via the proxy is:http://localhost:3001/page.html?host=https://www.a.com.This will set the
hlx-proxyhostcookie value tohttps://www.a.comso that resources referenced on thehttps://www.a.com/page.htmlpage (like images, js, css...) will not need thehostquery parameter (if their url do not contain the host name). For example, an image withsrc="/image.png"will be served by the proxy fromhttps://www.a.comwithout requiring thehostquery param because the cookie contains the host.Now if during the import process we need some resources from another host, something like a json file
https://www.b.com/sheet.json. We can leverage the proxy and requesthttp://localhost:3001/sheet.json?host=https://www.b.comwhich will prevent the CORS issues.But... this request will re-set the
hlx-proxyhostcookie value tohttps://www.b.comand then corrupt the import process: the subsequent requests without thehostquery param will try to fetch fromb.comand nota.comlike described above.To solve that problem, we need to change how the cookie is set or consumed:
a.comso that we do not have to re-write all resources url / href / src to append thehostquery parameterhostquery param to get around the cookie value but NOT override the cookie valueAs soon as we start dealing with different hosts, I think we need adobe/helix-cli#2072.
cc @mhaack