Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Loophole does not work with Django Admin and returns incorrect URLs in /lti/config #1402

Closed
jonespm opened this issue Aug 25, 2022 · 2 comments · Fixed by #1403
Closed

Loophole does not work with Django Admin and returns incorrect URLs in /lti/config #1402

jonespm opened this issue Aug 25, 2022 · 2 comments · Fixed by #1403
Assignees
@jonespm
Projects
MyLA-2022.01.03

Comments

@jonespm
Copy link
Member

jonespm commented Aug 25, 2022
edited

Describe the bug (Tell us what happens instead of the expected behavior) :

If a local developer is using loophole.site instead of ngrok for LTI testing it doesn't work correctly. This is because loophole sends the header USE_X_FORWARDED_HOST and MyLA currently doesn't use this.

Steps to Reproduce :

  1. Use Loophole in development intead of ngrok

You can launch loophole with a command like
loophole http 5001 --hostname myla-test-domain

After you go through the steps to install it and add it to your path.

  1. Go through the steps to setup LTI. You'll notice that the /lti/config URL in the steps has 127.0.0.1.
  2. Also saving anything in Django Admin doesn't work.

Everything should just work the same was as with NGrok.

It's possible to configure this you may also have to add loophole.site to ALLOWED_HOSTS, DEFAULT_SRC and CSRF_TRUSTED_ORIGINS.
jonespm added a commit to jonespm/student-dashboard-django that referenced this issue Aug 25, 2022
@jonespm
Fixes tl-its-umich-edu#1402 - Add support for configuring X_FORWARDED…
81bc037 
…_HOST.

This is Needed for some proxies.
@jonespm jonespm added this to To do in MyLA-2022.02.01 via automation Aug 25, 2022
@jonespm jonespm moved this from To do to In progress in MyLA-2022.02.01 Aug 25, 2022
@jonespm jonespm linked a pull request Aug 25, 2022 that will close this issue
Fixes #1402 - Add support for configuring X_FORWARDED_HOST. #1403
Merged
jonespm added a commit to jonespm/student-dashboard-django that referenced this issue Sep 2, 2022
@jonespm
Fixes tl-its-umich-edu#1402 - Add support for configuring X_FORWARDED…
f885830 
…_HOST.

This is Needed for some proxies.
jonespm added a commit to jonespm/student-dashboard-django that referenced this issue Sep 12, 2022
@jonespm
Fixes tl-its-umich-edu#1402 - Add support for configuring X_FORWARDED…
d2db8f3 
…_HOST.

This is Needed for some proxies.
MyLA-2022.02.01 automation moved this from In progress to Review/QA Sep 13, 2022
jonespm added a commit that referenced this issue Sep 13, 2022
@jonespm
Fixes #1402 - Add support for configuring X_FORWARDED_HOST. (#1403)
fd6ece4 
This is Needed for some proxies.
@jonespm
Copy link
Member Author

jonespm commented Sep 13, 2022

Test Plan

  • This is False by default so the false test plan is a regression test to ensure everything is working. This is the standard default so no change should be noticed.

  • If this is set to true, it may improve some things for proxies like Loophole if loophole.site is added to CSRF_TRUSTED_ORIGINS with this enabled. I can expand that test plan but it's not necessary to test for this release.

@jonespm jonespm moved this from Review/QA to Review/QA - DEV in MyLA-2022.02.01 Sep 14, 2022
@pushyamig
Copy link
Contributor

Test passes and is working for me based on setting certain TRUSTED_ORIGINS in my local

@pushyamig pushyamig moved this from Review/QA - DEV to Done in MyLA-2022.02.01 Sep 15, 2022
@jennlove-um jennlove-um removed this from Done in MyLA-2022.02.01 Sep 20, 2022
@jennlove-um jennlove-um added this to To do in MyLA-2022.01.03 via automation Sep 20, 2022
@pushyamig pushyamig moved this from To do to Done in MyLA-2022.01.03 Sep 20, 2022
jonespm added a commit to jonespm/student-dashboard-django that referenced this issue Sep 20, 2022
@jonespm
Fixes tl-its-umich-edu#1402 - Add support for configuring X_FORWARDED…
7dd26ce 
…_HOST. (tl-its-umich-edu#1403)

This is Needed for some proxies.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jonespm jonespm

Labels
None yet
Projects
No open projects
MyLA-2022.01.03
  
Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixes #1402 - Add support for configuring X_FORWARDED_HOST. jonespm/student-dashboard-django
2 participants
@jonespm @pushyamig