updates proxy to support access control allow list #3407
Conversation
✅ Deploy Preview for bloom-exygy-dev ready!
To edit notification comments on pull requests, go to your Netlify site settings. |
|
@seanmalbert this is working locally, but when I deploy it to Heroku the issue still persists. I deployed it and added the allow list here: https://dashboard.heroku.com/apps/bloom-backend-main-proxy/settings. But when going to https://bloom.exygy.dev/ and applying to a listing the issue still persists |
There's something funny going on here that I ran into locally while testing things. The header is getting set, but incorrectly: |
|
The deployment issue has been resolved. It was applying two of the same header. Most recent change removes the header from the backend and reapplies it from the proxy. |
ludtkemorgan
added
the
2 reviews needed
|
@ludtkemorgan would you recommend testing locally or in a netlify environment? |
It is probably best to test it in the deployed environment https://bloom.exygy.dev/ and https://partners.bloom.exygy.dev/ since the issue is specific to the proxy setup |
There was a problem hiding this comment.
Hey @ludtkemorgan I think this looks good, I did run into that problem with the listings not being purged properly
I did the following:
look at public site and pick a listing
go to partner site and update the name of that listing
save and look back at the public site
the listing wasn't updated. I did try adding localhost:3100 localhost:3000|localhost:3001|localhost:3100 as the ALLOW_LIST variable and I was still unable to purge the listing
YazeedLoonat
added
needs changes
ludtkemorgan
force-pushed
the
backend-proxy-cors
branch
from
13c9ec8
to
7192b25
Compare
ludtkemorgan
force-pushed
the
backend-proxy-cors
branch
from
7192b25
to
ea2ed73
Compare
|
@YazeedLoonat I moved the purge api call from the partner site to the backend and it is now working. Also I had to downgrade the version of nginx to solve the purge requests failing so you'll need to rebuild the proxy docker image locally again to test this. |
There was a problem hiding this comment.
Hey @ludtkemorgan looks good, looking for your thoughts on await the proxy call
ludtkemorgan
added
1 review needed
* feat: updates proxy to support access control allow list * fix: remove downstream access-control-allow-origin * fix: update readme for m1 * fix: move purge call to the backend * fix: test fix and add await * fix: moving cache purge to helper --------- Co-authored-by: Morgan Ludtke <ludtkemorgan@gmail.com> Co-authored-by: Yazeed Loonat <yazeedloonat@gmail.com>
* feat: updates proxy to support access control allow list * fix: remove downstream access-control-allow-origin * fix: update readme for m1 * fix: move purge call to the backend * fix: test fix and add await * fix: moving cache purge to helper --------- Co-authored-by: Morgan Ludtke <ludtkemorgan@gmail.com> Co-authored-by: Yazeed Loonat <yazeedloonat@gmail.com>
* fix: uptake latest uic Modal, ActionBlock, FormCard breaking changes (bloom-housing#3358) * feat: upgrade react to 18 (bloom-housing#3360) * feat: upgrade nextjs to 13 (bloom-housing#3375) * feat: upgrade nextjs to 13 * fix: attempt to get cypress test working * feat: changing auth over to cookies (bloom-housing#3357) * fix: resolves issues around markedAsDuplicate (bloom-housing#3373) * fix: react type errors (bloom-housing#3382) * refactor: add cloudinary fxn to partners (bloom-housing#3393) * refactor: uptake seeds FormErrorMessage (bloom-housing#3369) * fix: add startDate to open house submit event (bloom-housing#3399) * fix: add three new fields to base view (bloom-housing#3406) * feat: removing sensative info from leasing agent (bloom-housing#3409) * feat: removing sensative info from leasing agent * fix: adding swagger changes * fix: updates for tests * chore(deps): bump cookiejar from 2.1.2 to 2.1.4 (bloom-housing#3295) Bumps [cookiejar](https://github.com/bmeck/node-cookiejar) from 2.1.2 to 2.1.4. - [Release notes](https://github.com/bmeck/node-cookiejar/releases) - [Commits](https://github.com/bmeck/node-cookiejar/commits) --- updated-dependencies: - dependency-name: cookiejar dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: updates around cookies (bloom-housing#3405) * fix: updates around cookies * fix: creating new migration for token -> code * fix: Searching on the applications table causes the page to crash (bloom-housing#3408) * fix: pass proper value to to_tsquery function * fix: search applications using ILIKE * fix: change where to orWhere * feat: add application search by confirmation code * updates proxy to support access control allow list (bloom-housing#3407) * feat: updates proxy to support access control allow list * fix: remove downstream access-control-allow-origin * fix: update readme for m1 * fix: move purge call to the backend * fix: test fix and add await * fix: moving cache purge to helper --------- Co-authored-by: Morgan Ludtke <ludtkemorgan@gmail.com> Co-authored-by: Yazeed Loonat <yazeedloonat@gmail.com> * fix: escape quote in translation update * fix: add translation for 64 characters error (bloom-housing#3423) * fix: downgrade version of nest axios (bloom-housing#3419) * fix: now removes criteria file if a url is input (bloom-housing#3421) * fix: remove check in test not applicable for hba * fix: update ui-c to latest version (bloom-housing#3420) * fix: update application test * feat: 3291/listing export take 2 (bloom-housing#3424) * fix: functional frontend * fix: hooks and service updates * fix: hitting service file * fix: wip config work * fix: wip config 2 * fix: completed query updates * fix: complete column naming and basic formatting * fix: clean up formatting * fix: wip testing debugging * fix: functional unit tests * fix: cypress tests + formatting * fix: unadded test changes * fix: internal csv testing * fix: exporter test fix * fix: more detailed csv checks * fix: testing + formatting tweaks * fix: exporter testing improvements * fix: updates per pr feedback * fix: match config pattern * fix: add close status option * fix: reset netlify testing * fix: final cleanup * fix: rent type formatting * fix: remove console log * fix: missing state data (bloom-housing#3450) * feat: adding knownError flag * feat: adding knownError flag * fix: partners highlight field on backend error (bloom-housing#3448) * fix: partners highlight field on backend error * fix: community type and disableUnitsAccordion fix * fix: unit type fix for partial units * fix: review comment addressed * fix: phone number fix --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Yazeed Loonat <YazeedLoonat@gmail.com> Co-authored-by: Emily Jablonski <65367387+emilyjablonski@users.noreply.github.com> Co-authored-by: Krzysztof Zięcina <kziecina@airnauts.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sean Albert <smabert@gmail.com> Co-authored-by: ColinBuyck <53269332+ColinBuyck@users.noreply.github.com>
This fixes the cors issue application start pages are seeing by updating Nginx to support passing in an allow list (now a required parameter).
I also updated the README to include instructions for running locally.
04/24 update:
There is also an issue with the purge requests. This was because of two reasons.