WP-6869: Allow unrestricted domain and root path#86
WP-6869: Allow unrestricted domain and root path#86KharchenkoMaks wants to merge 3 commits intodevelopmentfrom
Conversation
Default WPR_DOMAIN_NAME to '_' (wildcard) to accept requests from any domain. Remove domain injection into sample files to enable wildcard configuration. Previously, domain was always set to a specific value and couldn't be unrestricted. Samples now use relative paths instead of absolute URLs. BREAKING CHANGE: WPR_DOMAIN_NAME defaults to '_' instead of 'localhost'
Add support for root virtual directory. - Add support for WPR_VIRTUAL_DIR='/' to run at root path - Fix slash normalization in configureWebServer.pl to prevent double slashes - Update URL display in configureFiles.pl for root path compatibility - Update README documentation for new configuration options Previously, virtual directory always required a subdirectory. Root path configuration was not possible due to improper slash handling in NGINX location directives.
solovyovk
left a comment
There was a problem hiding this comment.
Changing WPR_DOMAIN_NAME default to _ affects files/startService.sh. In the recently merged PR #85, we added self-signed certificate generation that uses WPR_DOMAIN_NAME
for the certificate CN:
-subj "/CN=${WPR_DOMAIN_NAME:-localhost}"
With _ as the new default, the cert would get CN=_ instead of CN=localhost. After this PR is merged, startService.sh needs to be updated to treat _ as localhost for cert
generation.
| ARG WPR_WEB_PORT | ||
| ARG WPR_DOMAIN_NAME=localhost | ||
| # Domain name for NGINX server_name directive. Default '_' accepts any domain. Set to specific domain to restrict access. | ||
| ARG WPR_DOMAIN_NAME=_ |
There was a problem hiding this comment.
Changing WPR_DOMAIN_NAME default to _ affects files/startService.sh. In the recently merged PR #85, we added self-signed certificate generation that uses WPR_DOMAIN_NAME for the certificate CN:
-subj "/CN=${WPR_DOMAIN_NAME:-localhost}"With _ as the new default, the cert would get CN=_ instead of CN=localhost.
We need update there code in files/startService.sh after the line 30 on something like that:
CERT_CN="${WPR_DOMAIN_NAME}"
[ -z "$CERT_CN" ] || [ "$CERT_CN" = "_" ] && CERT_CN="localhost"
echo "$(date '+%m/%d/%y:%H:%M:%S.%3N') No SSL certificates found. Generating self-signed certificate for CN=${CERT_CN}..."
...
-subj "/CN=${CERT_CN}" 2>/dev/null
Enable wildcard domain and root path support
Summary
Add support for wildcard domain configuration and root virtual directory deployment.
Changes
Wildcard domain support
WPR_DOMAIN_NAMEto_(wildcard) to accept requests from any domainconfigureFiles.plto display<host>placeholder for wildcardPreviously: Domain defaulted to
localhost, requiring rebuild or runtime override to support multiple domains.Now: Accepts requests from any domain by default. Set
WPR_DOMAIN_NAMEto restrict.Root virtual directory support
/) #83WPR_VIRTUAL_DIR=/(or empty string) to run at root pathconfigureWebServer.pl:locationdirectiveslocation / {,location /samples {,location /api {location /wscservice {,location /wscservice/samples {, etc.configureFiles.plfor root path compatibilityPreviously: Virtual directory always required subdirectory. Root path generated invalid NGINX configs with double slashes.
Now: Users can set
WPR_VIRTUAL_DIR=/to deploy at root path (default remainswscservice).Breaking changes
BREAKING CHANGE:
WPR_DOMAIN_NAMEnow defaults to_(wildcard) instead oflocalhost.Impact: Containers now accept requests from any domain by default.
Migration: If you require domain restriction, explicitly set
WPR_DOMAIN_NAME