Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hajk behind authentication proxy => manifest.json 401:s #1072

Closed
Hallbergs opened this issue May 4, 2022 · 3 comments · Fixed by #1073
Closed

Hajk behind authentication proxy => manifest.json 401:s #1072

Hallbergs opened this issue May 4, 2022 · 3 comments · Fixed by #1073
Assignees
@Hallbergs
Labels
bug module:admin module:client/core Core functionality (not a plugin)
Milestone
3.10

Comments

@Hallbergs
Copy link
Member

If Hajk is deployed behind an authentication proxy, requests for the manifest.json fails with a 401.

image

My guess is that this stems from the fact that no crossorigin-attribute is set on the link. Adding crossorigin="use-credentials" seems to fix the error.

Suggested fix: Add crossorigin="use-credentials" on the manifest-links (both in client and admin).
@Hallbergs Hallbergs self-assigned this May 4, 2022
@Hallbergs Hallbergs added bug module:client/core Core functionality (not a plugin) module:admin labels May 4, 2022
@Hallbergs Hallbergs added this to the 3.x milestone May 4, 2022
Hallbergs added a commit that referenced this issue May 4, 2022
@Hallbergs
Added crossorigin="use-credentials" on manifest-files. Closes #1072
eb0c0a1
@Hallbergs Hallbergs mentioned this issue May 4, 2022
Merged
@Hallbergs Hallbergs linked a pull request May 4, 2022 that will close this issue
Added crossorigin="use-credentials" on manifest-files. Closes #1072 #1073
Merged
@Hallbergs Hallbergs modified the milestones: 3.x, 3.10 May 4, 2022
@jacobwod
Copy link
Member

jacobwod commented May 4, 2022
edited
Loading

Is this treated differently because of the MIME type? You haven't seen the same problems with the remaining resources (logo192.png, index.css)? Otherwise it could be a good time to fix that now too.

@Hallbergs
Copy link
Member Author

Yes it's treated differently since it's json-data. The other imports works as intended.

@jesade-vbg
Copy link
Contributor

Good work Hallbergs!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Hallbergs Hallbergs

Labels
bug module:admin module:client/core Core functionality (not a plugin)
Projects
None yet
Milestone
3.10
Development

Successfully merging a pull request may close this issue.

Added crossorigin="use-credentials" on manifest-files. Closes #1072 hajkmap/Hajk
3 participants
@jacobwod @Hallbergs @jesade-vbg