New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
buildSubscriptionURL() doesn't choose wss when graphiql served by https #20
Comments
Hi @bkcsfi I missed this issue completly, are you still experiencing this problem ? If I resume, you want the code to choose the wss protocol if window.location.protocol is https ? Thanks for this bug report. |
@bkcsfi Just to make sure that you are not still facing this issue.
|
Hi, We're still on 0.6.3, I will setup a branch to test 0.8.0 and let you know thanks |
Hi, we've upgraded to 0.8.2 and we still have a problem with this I believe the issue is here https://github.com/tartiflette/tartiflette-aiohttp/blob/master/tartiflette_aiohttp/_graphiql.html#L154 There doesn't appear to be any check to determine if graphiql has been loaded via https or not. chrome says this:
Where client.js is from https://cdn.jsdelivr.net/npm/subscriptions-transport-ws@0.7.0/browser/client.js it's using the url passed from buildSubscriptionURL() do you need PR? I could take a shot at it. |
@bkcsfi Really sorry for the waiting time about this PR, if you could do a PR to fix it, it would be very cool. Thank you. |
sorry I wasn't able to generate a PR this week, thanks for taking care of it. |
Hi, we are now deploying our tartiflette-based backend for internal use, but wish to continue to support graphiql for a while longer.
We're running our app in docker swarm with traefik front-end with tls support (client to traefik), and non-tls from traefik to the backend app.
when I load https://my-app.mydomain.com/graphiql .. the page loads but returns this error
I think the issue is that buildSubscriptionURL() doesn't check to see if the html was loaded over https, so only chooses the 'ws' scheme instead of the 'wss' scheme.
I think checking
window.location.protocol to see if it's https:
would solve this?The text was updated successfully, but these errors were encountered: