docs: improve install docs for macOS (#788)

* docs: improve install docs for macOS * improvements
dunglas · Jul 20, 2023 · e27e613 · e27e613
1 parent 0e305ff
commit e27e613
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 6 deletions.
diff --git a/docs/hub/install.md b/docs/hub/install.md
@@ -10,9 +10,9 @@ The Mercure.rocks hub is available as a custom build of the [Caddy web server](h
 
 First, download the archive corresponding to your operating system and architecture [from the release page](https://github.com/dunglas/mercure/releases), extract the archive and open a shell in the resulting directory.
 
-*Note:* macOS users must use the `Darwin` binary.
+*Note:* macOS users must download the `Darwin` binary, then run `xattr -d com.apple.quarantine ./mercure` [to release the hub from quarantine](troubleshooting.md#macos-localhost-installation-error).
 
-Then, to start the Mercure.rocks Hub in development mode on Linux and macOS, run:
+To start the Mercure.rocks Hub in development mode on Linux and macOS, run:
 
 ```console
 MERCURE_PUBLISHER_JWT_KEY='!ChangeThisMercureHubJWTSecretKey!' \

diff --git a/docs/hub/troubleshooting.md b/docs/hub/troubleshooting.md
@@ -14,20 +14,42 @@ For both the `publish` property, the array can be empty to publish only public u
 
 ## CORS Issues
 
-If the app connecting to the Mercure hub and the hub itself are not served from the same domain, you must whitelist the domain of the app using the CORS (Cross-Origin Resource Sharing) mechanism. The usual symptoms of a CORS misconfiguration are errors about missing CORS HTTP headers in the console of the browser (`Refused to connect to 'https://hub.example.com/.well-known/mercure?topic=foo' because it violates the following Content Security Policy directive` with Chrome, `Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://hub.example.com/.well-known/mercure?topic=foo. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing)` with Firefox).
+If the app connecting to the Mercure hub and the hub itself are not served from the same domain, you must whitelist the domain of the app using the CORS (Cross-Origin Resource Sharing) mechanism.
+
+The usual symptoms of a CORS misconfiguration are errors about missing CORS HTTP headers in the console of the browser:
+
+* Chrome: `Refused to connect to 'https://hub.example.com/.well-known/mercure?topic=foo' because it violates the following Content Security Policy directive`
+* Firefox: `Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://hub.example.com/.well-known/mercure?topic=foo. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing)`
 
 To fix these errors, set the list of domains allowed to connect to the hub as value of the `cors_origins` in the `Caddyfile`. Example: `cors_origins https://example.com https://example.net`. Don't forget the `https://` prefix before the domain name!
 
-If you use an authorization mechanism (cookie or `Authorization` header), [you cannot set the value of `cors_origins` to `*`](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Credentialed_requests_and_wildcards). You **must** explicitly set the list of allowed origins.
+If you use an authorization mechanism (cookie or `Authorization` header), [you **cannot** set the value of `cors_origins` to `*`](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Credentialed_requests_and_wildcards). You **must** explicitly set the list of allowed origins.
+
 If you don't use an authorization mechanism (anonymous mode), you can set the value of `cors_origins` to `*` to allow all applications to connect to the hub (be sure to understand the security implications of what you are doing).
 
 ## URI Templates and Topics
 
 Try [our URI template tester](https://uri-template-tester.mercure.rocks/) to ensure that the template matches the topic.
 
-## Mac OS Localhost Installation Error
+## macOS Localhost Installation Error
+
+To execute the Mercure.rocks binary, you must first [release it from quarantine](https://eclecticlight.co/2023/03/13/ventura-has-changed-app-quarantine-with-a-new-xattr/).
+
+### macOS Ventura And Later Versions
+
+Remove the `com.apple.quarantine` attribute:
+
+    xattr -d com.apple.quarantine ./mercure
+
+You can now start the hub as usual:
+
+    ./mercure run
+
+The attribute only needs to be deleted once.
+
+### macOS Catalina
 
-How to process for Mercure to work in Mac OS Catalina:
+On macOS Catalina and later versions, follow these steps:
 
 * In the Finder on your Mac, locate the app that you want to open
 * Control-click on the app icon, then choose "Open" from the shortcut menu