-
Notifications
You must be signed in to change notification settings - Fork 707
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add full URLs in exercises to ensure they always load #4589
Add full URLs in exercises to ensure they always load #4589
Conversation
Update CSP host for proxies when http referer is defined. Small refactor to reduce cyclomatic complexity.
Looks like my code is not Python3 compatible! |
Simplify function parameters slightly.
Codecov Report
@@ Coverage Diff @@
## release-v0.11.x #4589 +/- ##
===================================================
- Coverage 51.92% 51.79% -0.14%
===================================================
Files 739 739
Lines 24385 24402 +17
Branches 3304 3230 -74
===================================================
- Hits 12661 12638 -23
- Misses 10959 10983 +24
- Partials 765 781 +16
Continue to review full report at Codecov.
|
Codecov Report
@@ Coverage Diff @@
## release-v0.11.x #4589 +/- ##
===================================================
+ Coverage 51.9% 51.98% +0.07%
===================================================
Files 739 739
Lines 24385 24403 +18
Branches 3305 3308 +3
===================================================
+ Hits 12657 12685 +28
+ Misses 10963 10953 -10
Partials 765 765
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice! A couple small questions/tweaks, but otherwise looks good to go!
In #1049 it was mentioned:
Is this still active and should it then be unblocked? |
@rtibbles Re: PR description
That is great, and it might become relevant pretty soon that we have an Nginx proxy in front of Kolibri, meaning that both |
Yeah, I have no intention of assuming the host name is fixed! Is there a better way than what I have done for systematically determining the host name via which the request was made? |
I think there are a few other issues that have iOS Safari tags on them, we might want to double check those first. |
I think that the Could We could also add a utility function in case that someone at some point desires more functionality? Like |
Hmm, but can the iOS reporter then actually test the builds in this PR? |
I was unable to reproduce #1046 and #2158 when I was testing on iOS, and both of those tickets are more than a year old so it's possible that changes to Kolibri fixed those issues. I haven't tested #2279 but I definitely don't feel like that's a blocker, and aside from this issue those are the only three that are listed for iOS / Safari. I would vote for removing the block, and re-considering if we start seeing a lot of new error reports from iOS / Safari users. |
Thanks for testing them, @kollivier! When I've fixed up this PR and merged, can remove Safari from the blacklist in a follow up PR. |
sounds good to me! |
yes we've determined that under the hood, chrome and safari are using the same webkit renderer |
@rtibbles something has gone wrong, and absolute URLs are appended to their relative paths:
Would you be able to add a regression test for this case, too? |
Yeah, looks like this issue here is that Perseus does not expect the scheme to be included in the URL, will fix this up. |
@benjaoming the issue with using |
Have replicated the base issue again on Browserstack, using iPhone 6S, and have now confirmed a fix (needed to remove the |
Summary
Previously we were just replacing a relative path to origin for image URLs inside perseus json blobs. On some browsers these were not then properly resolved, resulting in images being missing.
This fixes that by always creating a full URL for replacing in the json blob. It attempts to construct this with a URL derived from the
HTTP_REFERER
header, which appears to be widely supported, as this will give the host that the frontend request this from, not the host that Kolibri is running on (in case Kolibri is behind a proxy).It also uses this to more accurately set our Content Security Policy header, so that it still works even behind a poorly configured proxy.
Reviewer guidance
Check that Perseus images still work.
Check that they now work on older iOS.
See my tests, do they cover everything?
References
Fixes #1049
Contributor Checklist
PR process:
Testing:
Reviewer Checklist
yarn
andpip
)