From 4972ab0fc25f892d8be85956741c0639e2cfc4f3 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Wed, 16 Oct 2024 12:35:07 +0800 Subject: [PATCH 1/3] fix --- web_src/js/features/user-auth.ts | 9 ++++++--- web_src/js/index.ts | 3 ++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/web_src/js/features/user-auth.ts b/web_src/js/features/user-auth.ts index f1f34bc806e62..150754acf6e4c 100644 --- a/web_src/js/features/user-auth.ts +++ b/web_src/js/features/user-auth.ts @@ -1,12 +1,15 @@ -import {checkAppUrl} from './common-page.ts'; +import {checkAppUrl} from './common-page.js'; + +export function initUserCheckAppUrl() { + if (!document.querySelector('.page-content.user.signin, .page-content.user.signup, .page-content.user.link-account')) return; + checkAppUrl(); +} export function initUserAuthOauth2() { const outer = document.querySelector('#oauth2-login-navigator'); if (!outer) return; const inner = document.querySelector('#oauth2-login-navigator-inner'); - checkAppUrl(); - for (const link of outer.querySelectorAll('.oauth-login-link')) { link.addEventListener('click', () => { inner.classList.add('tw-invisible'); diff --git a/web_src/js/index.ts b/web_src/js/index.ts index db678a25ba388..13dfe1f3efe1c 100644 --- a/web_src/js/index.ts +++ b/web_src/js/index.ts @@ -24,7 +24,7 @@ import {initFindFileInRepo} from './features/repo-findfile.ts'; import {initCommentContent, initMarkupContent} from './markup/content.ts'; import {initPdfViewer} from './render/pdf.ts'; -import {initUserAuthOauth2} from './features/user-auth.ts'; +import {initUserAuthOauth2, initUserCheckAppUrl} from './features/user-auth.ts'; import { initRepoIssueDue, initRepoIssueReferenceRepositorySearch, @@ -219,6 +219,7 @@ onDomReady(() => { initCommitStatuses, initCaptcha, + initUserCheckAppUrl, initUserAuthOauth2, initUserAuthWebAuthn, initUserAuthWebAuthnRegister, From 28b2ea93ab597fe5a8d0a417404acd0074a76926 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Wed, 16 Oct 2024 12:36:49 +0800 Subject: [PATCH 2/3] fix --- web_src/js/features/common-page.ts | 9 +++++++++ web_src/js/features/user-auth.ts | 6 ++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/web_src/js/features/common-page.ts b/web_src/js/features/common-page.ts index 1a4decd752ee8..78d3641bb0a27 100644 --- a/web_src/js/features/common-page.ts +++ b/web_src/js/features/common-page.ts @@ -91,3 +91,12 @@ export function checkAppUrl() { showGlobalErrorMessage(`Your ROOT_URL in app.ini is "${appUrl}", it's unlikely matching the site you are visiting. Mismatched ROOT_URL config causes wrong URL links for web UI/mail content/webhook notification/OAuth2 sign-in.`, 'warning'); } + +export function checkAppUrlScheme() { + const curUrl = window.location.href; + // some users visit "http://domain" while appUrl is "https://domain", COOKIE_SECURE makes it impossible to sign in + if (curUrl.startsWith('http:') && appUrl.startsWith('https:')) { + showGlobalErrorMessage(`Your ROOT_URL in app.ini "${appUrl}" uses HTTPS, it doesn't match the HTTP site you are visiting. +Mismatched ROOT_URL config would cause problems for sign-in/sign-up, etc.`, 'warning'); + } +} diff --git a/web_src/js/features/user-auth.ts b/web_src/js/features/user-auth.ts index 150754acf6e4c..b716287ff27e6 100644 --- a/web_src/js/features/user-auth.ts +++ b/web_src/js/features/user-auth.ts @@ -1,8 +1,8 @@ -import {checkAppUrl} from './common-page.js'; +import {checkAppUrl, checkAppUrlScheme} from './common-page.ts'; export function initUserCheckAppUrl() { if (!document.querySelector('.page-content.user.signin, .page-content.user.signup, .page-content.user.link-account')) return; - checkAppUrl(); + checkAppUrlScheme(); } export function initUserAuthOauth2() { @@ -10,6 +10,8 @@ export function initUserAuthOauth2() { if (!outer) return; const inner = document.querySelector('#oauth2-login-navigator-inner'); + checkAppUrl(); + for (const link of outer.querySelectorAll('.oauth-login-link')) { link.addEventListener('click', () => { inner.classList.add('tw-invisible'); From 2aca44af8a0df1187ccabfa677608a6032cffc01 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Thu, 17 Oct 2024 00:40:49 +0800 Subject: [PATCH 3/3] Update web_src/js/features/common-page.ts --- web_src/js/features/common-page.ts | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/web_src/js/features/common-page.ts b/web_src/js/features/common-page.ts index 78d3641bb0a27..77fe2cc1ca71a 100644 --- a/web_src/js/features/common-page.ts +++ b/web_src/js/features/common-page.ts @@ -96,7 +96,6 @@ export function checkAppUrlScheme() { const curUrl = window.location.href; // some users visit "http://domain" while appUrl is "https://domain", COOKIE_SECURE makes it impossible to sign in if (curUrl.startsWith('http:') && appUrl.startsWith('https:')) { - showGlobalErrorMessage(`Your ROOT_URL in app.ini "${appUrl}" uses HTTPS, it doesn't match the HTTP site you are visiting. -Mismatched ROOT_URL config would cause problems for sign-in/sign-up, etc.`, 'warning'); + showGlobalErrorMessage(`This instance is configured to run under HTTPS (by ROOT_URL config), you are accessing by HTTP. Mismatched scheme might cause problems for sign-in/sign-up.`, 'warning'); } }