-
Notifications
You must be signed in to change notification settings - Fork 9.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Avatars (or all images?) should go through proxy/authentication and be cached #821
Comments
They should also be authenticated for Enterprise instances. |
I'm thinking we could treat this as a stretch goal for M4. I think it should definitely happen before 1.0, but as-is we're on-par with Classic. Thoughts? |
For posterity, @niik and I talked about this a bit and it should probably be implemented as a service worker. |
From https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API:
I don't feel like I have enough context to know, but could this be a problem for Enterprise customers? |
Technically you can run GHE over HTTP despite it being highly discouraged for all sorts of reasons - there's probably some old threads about it we can find to see how badly this will break for them. These days it's mostly the self-signed certificate hassles (e.g. trialing GHE) that we'd need to handle, and if we're adding support for adding self-signed certificates in the app then that should be covered. |
And I suppose worst case it's just avatars that break. |
I guess if we can serve up a placeholder image in case of failure then it's okay? |
It looks like this may not be possible right now: https://github.com/github/github/issues/71916 I'll wait and see what response that issue gets, but I imagine we'll have to punt this. |
Based on the initial response, it sounds like this is currently not possible. Avatars won't authenticate with a token. I'll keep this open, but I'm 👢'ing it from M4. |
Just hit missing avatars on enterprise instances. I manually authenticated inside electron via It's a crappy workaround, but visually this is the most visible missing piece in the current UI for enterprise customers, IMO. Aside from that, I'm liking this thing :) |
Yeah, inside the renderer process we do have the ability to assign cookies from a valid GitHub session, which would explain how that workaround succeeds, but we've avoided doing the entire auth process completely in there (because security?).
💖 |
Please! |
@hparadiz are you connecting to GitHub or a GitHub Enterprise instance? |
@shiftkey Enterprise |
@hparadiz cool. So an update on this - even with providing a valid token, there's situations where Enterprise won't return the avatar to Desktop. We're talking with the Enterprise team to get this fixed, which will then take time to reach customers in an update. Apologies for the delay. |
Subscribing - I have the same issue. |
Version 1.0.4 still has this bug. Avatars from GHE are not displayed. |
Yes, this is currently blocked by some required work on GitHub Enterprise. |
Bumping this thread as we've not had much movement on this from our end - a few people have suggested re-implementing Gravatar support as a fallback that we had in the classic apps. @desktop/core unless there's any objections to this I'll throw it on my plate this week to estimate the work involved. |
It may seem cosmetic, but displaying a broken image icon is worse than even just showing a placeholder image. It reduces confidence in the application. So I'm 👍 to doing something here. The gravatar fallback seems like a good start. Gravatar itself has a fallback mechanism. So the fallback sequence would be:
We should never show a broken image here. |
I'm seeing the robot too, but I'm also seeing broken avatar images in my history list. |
@shiftkey I know the current solution is to use Gravatar for fallback, do you know if the GitHub enterprise team will be able to do the work required to not require Gravatar fall back in the future? |
@say25 it's an ongoing discussion with the team, and even after a fix lands it would require GitHub Enterprise administrators to update their instances. I've made a big dent into this in #3513, so please follow along with that PR and we'll see if we can make this experience better in the short-term. |
Still not fixed |
No description provided.
The text was updated successfully, but these errors were encountered: