WP-6869: Allow unrestricted domain and root path #86
KharchenkoMaks wants to merge 4 commits into development from
Default WPR_DOMAIN_NAME to '_' (wildcard) to accept requests from any domain. Remove domain injection into sample files to enable wildcard configuration.
Previously, domain was always set to a specific value and couldn't be unrestricted. Samples now use relative paths instead of absolute URLs.
BREAKING CHANGE: WPR_DOMAIN_NAME defaults to '_' instead of 'localhost'

Add support for root virtual directory.
- Add support for WPR_VIRTUAL_DIR='/' to run at root path
- Fix slash normalization in configureWebServer.pl to prevent double slashes
- Update URL display in configureFiles.pl for root path compatibility
- Update README documentation for new configuration options
Previously, virtual directory always required a subdirectory. Root path configuration was not possible due to improper slash handling in NGINX location directives.
solovyovk
left a comment
Changing WPR_DOMAIN_NAME default to _ affects files/startService.sh. In the recently merged PR #85, we added self-signed certificate generation that uses WPR_DOMAIN_NAME for the certificate CN:
-subj "/CN=${WPR_DOMAIN_NAME:-localhost}"
With _ as the new default, the cert would get CN=_ instead of CN=localhost. After this PR is merged, startService.sh needs to be updated to treat _ as localhost for cert generation.
Dockerfile
Outdated
| ARG WPR_WEB_PORT | ||
| ARG WPR_DOMAIN_NAME=localhost | ||
| # Domain name for NGINX server_name directive. Default '_' accepts any domain. Set to specific domain to restrict access. | ||
| ARG WPR_DOMAIN_NAME=_ |
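Review bot: the new comment above ARG WPR_DOMAIN_NAME=_ says "Set to specific domain to restrict access", which promises access control from a value that, per the same comment, only feeds the NGINX server_name directive. If the generated server block is also the default server for its port, requests for any other host are still served, so either reword the comment to describe host matching only, or document that restricting access needs a separate catch-all block that rejects unmatched hosts.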
Changing WPR_DOMAIN_NAME default to _ affects files/startService.sh. In the recently merged PR #85, we added self-signed certificate generation that uses WPR_DOMAIN_NAME for the certificate CN:
-subj "/CN=${WPR_DOMAIN_NAME:-localhost}"
With _ as the new default, the cert would get CN=_ instead of CN=localhost.
We need to update the code in files/startService.sh after line 30 to something like this:
# Use localhost as the certificate CN when the domain is unset or the '_' wildcard
CERT_CN="${WPR_DOMAIN_NAME}"
[ -z "$CERT_CN" ] || [ "$CERT_CN" = "_" ] && CERT_CN="localhost"
echo "$(date '+%m/%d/%y:%H:%M:%S.%3N') No SSL certificates found. Generating self-signed certificate for CN=${CERT_CN}..."
...
-subj "/CN=${CERT_CN}" 2>/dev/null

WPR_DOMAIN_NAME env var and build arg removed. nginx server_name has no effect with a single default_server block — the parameter provided no real access control. Remove it from all Dockerfiles, perl scripts, startService.sh, and README.
Enable wildcard domain and root path support
Summary
Remove WPR_DOMAIN_NAME parameter and add support for root virtual directory deployment.
Changes
Unrestricted domain access
WPR_DOMAIN_NAME, with a single default_server block, nginx server_name has no effect regardless of its value. The parameter provided no real access control and created a false sense of security.
Previously: WPR_DOMAIN_NAME appeared to restrict domain access via server_name, but the default_server flag caused nginx to serve all requests regardless.
Now: The container accepts requests from any domain. The misleading parameter is removed.
Root virtual directory support
/) #83
- WPR_VIRTUAL_DIR=/ (or empty string) to run at root path
- configureWebServer.pl:
- location directives
- location / {, location /samples {, location /api {
- location /wscservice {, location /wscservice/samples {, etc.
- configureFiles.pl for root path compatibility
Previously: Virtual directory always required subdirectory. Root path generated invalid NGINX configs with double slashes.
Now: Users can set WPR_VIRTUAL_DIR=/ to deploy at root path (default remains wscservice).
Breaking changes
BREAKING CHANGE: WPR_DOMAIN_NAME build argument and environment variable are removed.
Impact: Passing --env WPR_DOMAIN_NAME=... at runtime is silently ignored. Build args referencing it will produce a Docker warning.
Migration: Remove WPR_DOMAIN_NAME from your docker run commands, Dockerfiles, and compose files.
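The description above notes that server_name restricts nothing when the only server block is the default_server. As an added illustration (not the project's configuration; the host name, certificate paths and upstream address are placeholders), this is the layout in which server_name does decide which requests reach the application: a separate catch-all default server that rejects unmatched hosts.

```nginx
# Constructed example. app.example.com, the certificate paths and the
# upstream address are placeholders, not values from this project.

# --- Before (commented out: only one default_server per port is allowed) ---
# With a single block there is no other candidate for the port, so nginx
# routes every request here whatever the Host header says. server_name
# looks like an allow-list but filters nothing.
#
# server {
#     listen 80 default_server;
#     server_name app.example.com;
#     location /wscservice/ { proxy_pass http://127.0.0.1:8080; }
# }

# --- After: explicit catch-all plus a non-default application block ---
# The catch-all receives every request whose Host (or TLS SNI name)
# matches no other server_name and drops it.
server {
    listen 80 default_server;
    listen 443 ssl default_server;
    server_name _;
    ssl_reject_handshake on;   # nginx >= 1.19.4: refuse TLS for unknown SNI names
    return 444;                # nginx-specific code: close without sending a response
}

# The application block is no longer the default, so only requests whose
# Host header matches server_name are served from it.
server {
    listen 80;
    listen 443 ssl;
    server_name app.example.com;

    ssl_certificate     /etc/nginx/ssl/cert.pem;   # placeholder path
    ssl_certificate_key /etc/nginx/ssl/cert.key;   # placeholder path

    location /wscservice/ {
        proxy_pass http://127.0.0.1:8080;          # placeholder upstream
    }
}
```

After reloading, a request sent with an unlisted Host header should be closed by the catch-all, while one for the listed name reaches the application.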