-
Notifications
You must be signed in to change notification settings - Fork 890
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: allow debugger to connect with custom hosts #2404
Conversation
Amazing, makes sense! Thanks for contribution! Is there anything blocking you from making this PR ready for review? |
Hey @szymonrybczak, I just wanted to do a quick test in a clean repo. Seems to work well so happy for this to be reviewed now! |
it('it should block requests from different origins', () => { | ||
req.headers.origin = 'https://example.com'; | ||
const middleware = securityHeadersMiddleware({}); | ||
middleware(req, res, next); | ||
expect(next).toHaveBeenCalledWith(expect.any(Error)); | ||
}); | ||
|
||
it('it should allow requests from localhost', () => { | ||
req.headers.origin = 'http://localhost:3000'; | ||
const middleware = securityHeadersMiddleware({}); | ||
middleware(req, res, next); | ||
expect(next).toHaveBeenCalled(); | ||
}); | ||
|
||
it('it should allow requests from devtools', () => { | ||
req.headers.origin = 'devtools://devtools'; | ||
const middleware = securityHeadersMiddleware({}); | ||
middleware(req, res, next); | ||
expect(next).toHaveBeenCalled(); | ||
}); | ||
|
||
it('it should allow requests from custom host if provided in options', () => { | ||
req.headers.origin = 'http://customhost.com'; | ||
const middleware = securityHeadersMiddleware({host: 'customhost.com'}); | ||
middleware(req, res, next); | ||
expect(next).toHaveBeenCalled(); | ||
}); | ||
|
||
it('it should block requests from custom host if provided in options but not matching', () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
very minor nit: all test titles start with "it" which is kinda redundant 😅
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh good shout. Will fix that up!
Thanks for the reviews folks! Have cleaned up the test titles and rebased |
Thank you for the contribution @Jesse-Cameron! 🙌🏼 |
Summary:
Experimental debugger support for custom hostnames.
Currently the experimental debugger rejects all requests that don't come from the
localhost
hostname. We are using the--host
flag when starting the react native. It would be good if the debugger supported this.see: #2396
Test Plan:
I have manually tested this PR in a clean project using:
npm react-native start --experimental-debugger --host 0.0.0.0
(after linking packages locally)
Checklist