Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow custom domains in Vite's allowedHosts #51395

Merged
merged 2 commits into from
Jan 23, 2025
Merged

Allow custom domains in Vite's allowedHosts #51395

merged 2 commits into from
Jan 23, 2025
+20 −6

Conversation

ryanclark
Copy link
Contributor

#51356 introduces the change of setting allowedHost to whatever the domain of the proxy target is, if it isn't localhost. That doesn't really work for my setup, and possibly others, as I use a different domain than localhost and the proxy target. This allows the option of setting a VITE_HOST environment variable (I followed the same convention in TAG), so we're not allowing all hosts.

@ryanclark ryanclark requested review from avatus and ravicious January 23, 2025 08:09
@ryanclark ryanclark added the no-changelog Indicates that a PR does not require a changelog entry label Jan 23, 2025
@github-actions github-actions bot requested review from kimlisa and rudream January 23, 2025 08:09
ravicious
ravicious reviewed Jan 23, 2025
View reviewed changes
web/packages/build/vite/config.ts
}

return [];
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could be something like this to allow target and VITE_HOST at the same time because why not.

function resolveAllowedHost(target: string) {
  const allowedHosts = [];
  if (process.env.VITE_HOST) {
    allowedHosts.push(process.env.VITE_HOST);
  }

  if (target !== DEFAULT_PROXY_TARGET) {
    const { hostname } = new URL(`http://${target}`);

    allowedHosts.push(hostname);
  }

  return allowedHosts;
}

I guess it all comes down to which domains you have in the cert that Vite uses? But I noticed that the docs say "When using HTTPS, this check is skipped" and that is true, but the thing that falls apart without allowedHosts is websockets (and thus HMR).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I think if your cert accepts localhost it'll still work without setting allowedHosts - but first Vite will try the hostname you're using, so there will be one error in the console always, but HMR would still work

I think your suggestion is good, I'll add it

@ryanclark ryanclark force-pushed the ryan/vite-6-allowed-hosts branch 2 times, most recently from 23307c5 to 6f857e3 Compare January 23, 2025 11:18
@ryanclark ryanclark force-pushed the ryan/vite-6-allowed-hosts branch from 6f857e3 to 0e8e356 Compare January 23, 2025 11:43
@ryanclark ryanclark enabled auto-merge January 23, 2025 11:43
@ryanclark ryanclark added this pull request to the merge queue Jan 23, 2025
Merged via the queue into master with commit 14132e4 Jan 23, 2025
41 checks passed
@ryanclark ryanclark deleted the ryan/vite-6-allowed-hosts branch January 23, 2025 15:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ravicious ravicious ravicious approved these changes

@strideynet strideynet strideynet approved these changes

@avatus avatus Awaiting requested review from avatus

@kimlisa kimlisa Awaiting requested review from kimlisa

@rudream rudream Awaiting requested review from rudream

Assignees
No one assigned
Labels
no-changelog Indicates that a PR does not require a changelog entry size/sm ui
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ryanclark @ravicious @strideynet