Skip to content

fix: add referer on redirect #68

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
vasco-santos wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

fix: add referer on redirect #68

vasco-santos wants to merge 1 commit into from

Conversation

@vasco-santos
Copy link
Contributor

@vasco-santos vasco-santos commented Apr 27, 2022

On redirect we are dropping referer, let's keep it

@vasco-santos vasco-santos force-pushed the fix/add-referer-on-redirect branch from 0f7d447 to 100d80e Compare April 27, 2022 17:11
@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Apr 27, 2022
edited
Loading

Deploying with  Cloudflare Pages  Cloudflare Pages

Latest commit: 100d80e
Status: ✅  Deploy successful!
Preview URL: https://75adaaf7.nftstorage-link.pages.dev

View logs

@vasco-santos vasco-santos requested a review from alanshaw April 27, 2022 17:13
@vasco-santos vasco-santos mentioned this pull request Apr 27, 2022
Closed
alanshaw
alanshaw reviewed Apr 27, 2022
View reviewed changes
packages/edge-gateway/src/ipfs.js
const headers = new Headers(request.headers)
headers.set('Referrer-Policy', 'unsafe-url')
headers.set('Location', url.toString())
headers.set('Referer', request.headers.get('Referer'))
Copy link

@alanshaw alanshaw Apr 27, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this work IRL? I thought this was one of those headers you're not allowed to set in a browser/worker context!?

Copy link

@alanshaw alanshaw Apr 27, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, this what we send back to the client right? Referer is a request header, I'm not sure I understand how this fixes the issue?

Copy link
Contributor Author

@vasco-santos vasco-santos Apr 27, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This fix is based on discussion https://community.cloudflare.com/t/passing-on-referer-value-on-301-https-redirects/78787/8

The goal is to have CF analytics / Firewall have access to the Referer, which looks like not the case with current redirect.

Does this work IRL?

I need to deploy to see, using staging dedicated route it does not break anything, but for actually seeing analytics in nftstorage.link domain I need to get it there

@vasco-santos vasco-santos marked this pull request as draft May 23, 2022 07:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alanshaw alanshaw alanshaw left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vasco-santos @alanshaw