MyFavMirrors/moonfire-nvr
1
0
Fork 0
mirror of https://github.com/scottlamb/moonfire-nvr.git synced 2025-02-11 13:48:11 -05:00
Code Issues Packages Projects Releases Wiki Activity
moonfire-nvr/ui/src/setupProxy.js

38 lines
1.4 KiB
JavaScript
Raw Normal View History

start a new React-based UI (#111) This doesn't do much yet but should provide a better foundation for improvement than the jQuery UI, as described in the github issue.
2021-01-31 21:55:25 -08:00
// This file is part of Moonfire NVR, a security camera network video recorder.
// Copyright (C) 2021 The Moonfire NVR Authors; see AUTHORS and LICENSE.txt.
// SPDX-License-Identifier: GPL-v3.0-or-later WITH GPL-3.0-linking-exception
// https://create-react-app.dev/docs/proxying-api-requests-in-development/
const { createProxyMiddleware } = require("http-proxy-middleware");
module.exports = (app) => {
app.use(
"/api",
createProxyMiddleware({
avoid ?? in setupProxy.js It worked fine on my laptop with node.js v14.15.4, but not on my new workstation with node.js v12.18.2 (as comes with Ubuntu 20.10). It would print "Unexpected token '?'" without any clue what file the error is in. I'm trying to fix that here: https://github.com/facebook/create-react-app/pull/10652
2021-03-04 13:06:46 -08:00
target: process.env.PROXY_TARGET || "http://localhost:8080/",
start a new React-based UI (#111) This doesn't do much yet but should provide a better foundation for improvement than the jQuery UI, as described in the github issue.
2021-01-31 21:55:25 -08:00
ws: true,
changeOrigin: true,
// If the backing host is https, Moonfire NVR will set a 'secure'
// attribute on cookie responses, so that the browser will only send
// them over https connections. This is a good security practice, but
// it means a non-https development proxy server won't work. Strip out
// this attribute in the proxy with code from here:
// https://github.com/chimurai/http-proxy-middleware/issues/169#issuecomment-575027907
// See also discussion in guide/developing-ui.md.
onProxyRes: (proxyRes, req, res) => {
const sc = proxyRes.headers["set-cookie"];
if (Array.isArray(sc)) {
proxyRes.headers["set-cookie"] = sc.map((sc) => {
return sc
.split(";")
use SameSite=Lax instead of SameSite=Strict To improve reliability of live streams (#59) on Safari. Safari was dropping the cookie from websocket update requests. (But it worked sometimes. I don't get why.) I saw folks on the Internet thinking this related to HttpOnly: * https://developer.apple.com/forums/thread/104488 * https://stackoverflow.com/q/47742807/23584 but I still see this behavior without HttpOnly. SameSite=Strict vs SameSite=Lax appears to make a difference. Try that instead. SameSite=Strict is pointless for us anyway as noted in a new comment. Turning off HttpOnly would be more unfortunate security-wise.
2021-03-31 10:44:08 -07:00
.filter((v) => v.trim().toLowerCase() !== "secure")
start a new React-based UI (#111) This doesn't do much yet but should provide a better foundation for improvement than the jQuery UI, as described in the github issue.
2021-01-31 21:55:25 -08:00
.join("; ");
});
}
},
})
);
};
Reference in New Issue Copy Permalink