-
-
Notifications
You must be signed in to change notification settings - Fork 310
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
It just doesn't work after update (v2.4.2) #1136
Comments
👋🏾Thanks for opening your first issue here! Be sure to follow the issue template! ✌🏾 |
@UlyanaKiklevich Sorry this isn't sufficient information. Can you use the issue template? What platform are you using? What version of the app? Any screenshots? |
Is the GraphiQL hosted in your domain? What error do you see in the developer console in Altair? Is it CORS related? |
I too experienced this issue after previously using it without issues. I am using the Firefox add-on. Initially, the issue appeared to be CORS (which previously was not a problem, despite not changing anything on my end). Upon changing my CORS configuration, the problem is now that the Altair client is not sending the cookies necessary for my authentication setup. Again, previously this all worked perfectly. |
Same issue on latest Chrome build and Altair extension as well. |
TLDR - The chromium team are making changes to the way extensions work with cross origin requests. I'll need to update the extension to work with this new standard. |
However, that doesn't explain why Firefox is also having the same issue. |
I removed some open ended permissions from the browser extensions, in an attempt to better conform to the policies the browser agents are incorporating (like the one in the link I shared). The permission about access to all sites is what allowed the extension to work without CORS for any site before the update. I would add the permission back for now, but unfortunately the direction the browser agents are going for extensions would require having these web limitations in the browser extensions as well. I have written about the limitations of the web app previously (https://sirmuel.design/altair-graphql-web-app-limitations-b671a0a460b8) and it might happen that the extensions would have these limitations within the year, so the recommendation of using the desktop apps if possible still stands.
|
Correct me if I'm wrong, but this means there is no longer a method of using Altair with cookies, right? Therefore, if your authentication technique relies on cookies, not just headers, there is no way to use Altair. |
You could always specify cookies in the desktop apps. The limitations of the browsers don't affect the desktop apps in the same way. |
In the meantime (at v2.4.3), you would still be able to use the cookie based authentications in the browser extensions as before, until anything changes from the chromium team. |
v2.4.3 fixes the issue. Thank you! |
After extension was updates, I get nothing more then
{ "isTrusted": true}
as a response to all queries and mutations. I used this extension a lot, so I know how it works. Now it's broken.The text was updated successfully, but these errors were encountered: