-
-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support special webserver.port ports ending in "s" (secure) and "r" (redirect) #5499
Conversation
…redirect) Signed-off-by: DL6ER <dl6er@dl6er.de>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The redirect part is tricky
nanopi@nanopi:~$ pihole -q flurry.com
curl: (6) Could not resolve host: nanopi.lan
curl: (6) Could not resolve host: nanopi.lan
Found domains exactly matching 'flurry.com'.
/opt/pihole/query.sh: 66: [: Illegal number:
Found adlists exactly matching 'flurry.com'.
/opt/pihole/query.sh: 79: [: Illegal number:
++ pihole-FTL --config webserver.port
+ ports=80r,443s
+ port=80r
+ '[' r = s ']'
+ '[' r = r ']'
+ API_PROT=http
+ API_PORT=80
+ API_URL=http://localhost:80/api
++ curl -skSL -o /dev/null -w '%{http_code}' http://localhost:80/api/auth
curl: (6) Could not resolve host: nanopi.lan
+ availabilityResonse=308
nanopi@nanopi:~$ curl -vL -o /dev/null -w '%{http_code}' http://localhost:80/api/auth
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 127.0.0.1:80...
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET /api/auth HTTP/1.1
> Host: localhost
> User-Agent: curl/7.88.1
> Accept: */*
>
< HTTP/1.1 308 Permanent Redirect
< Location: https://nanopi.lan/api/auth
< Cache-Control: max-age=3600
< Content-Security-Policy: default-src 'self' 'unsafe-inline';
< X-Frame-Options: DENY
< X-XSS-Protection: 0
< X-Content-Type-Options: nosniff
< Referrer-Policy: strict-origin-when-cross-origin
< Content-Length: 0
< Date: Sun, 26 Nov 2023 20:42:53 GMT
< Connection: close
<
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Closing connection 0
* Clear auth, redirects to port from 80 to 443
* Issue another request to this URL: 'https://nanopi.lan/api/auth'
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Could not resolve host: nanopi.lan
* Closing connection 1
curl: (6) Could not resolve host: nanopi.lan
308
Do you see what's happening here: FTL returning the hostname instead of localhost for the redirect, but the device does not use FTL as upstream do it does not know about the hostname.....
|
We discussed at some place that redirects should go to How does it look like if you configure |
This works.
I still love your idea of FTL offering a TXT record where to find the (final) API. |
But it suffers from the same illness. It'd also report something like |
Signed-off-by: DL6ER <dl6er@dl6er.de>
Signed-off-by: DL6ER <dl6er@dl6er.de>
Should we keep the approach to use |
…onfig webserver.ports Signed-off-by: DL6ER <dl6er@dl6er.de>
Let's go for the simpler option... |
Signed-off-by: DL6ER <dl6er@dl6er.de>
What does this implement/fix?
Add support for special
webserver.port
ports ending in "s
" (secure) and "r
" (redirect)Even when it made the code somewhat more bulky (especially the last-character-is-check), all my additions are POSIX-compliant.
Related issue or feature (if applicable): N/A
Pull request in docs with documentation (if applicable): N/A
By submitting this pull request, I confirm the following:
git rebase
)Checklist:
developmental
branch.