[codex] Preserve custom ports in signed local file URLs#2167
Open
shuaick wants to merge 1 commit intoOpenSignLabs:stagingfrom
Open
[codex] Preserve custom ports in signed local file URLs#2167shuaick wants to merge 1 commit intoOpenSignLabs:stagingfrom
shuaick wants to merge 1 commit intoOpenSignLabs:stagingfrom
Conversation
Local file links could be returned without the configured deployment port, which breaks uploads and document flows on self-hosted instances that expose OpenSign on a custom port. This normalizes local /files URLs against SERVER_URL before signing them, and adds regression coverage for both fresh and already-signed local file URLs. Constraint: Must preserve existing signed URL flows for non-local storage backends Rejected: Rebuild file URLs in each frontend caller | too many call sites and it would leave backend-generated links inconsistent Confidence: medium Scope-risk: narrow Reversibility: clean Directive: Keep local file URL normalization tied to SERVER_URL so deployment origin changes stay centralized Tested: Direct Node assertions for normalizeLocalFileUrl, getSignedLocalUrl, and presignedlocalUrl with a custom-port SERVER_URL Not-tested: Full OpenSignServer jasmine suite in this environment (npm test runner hits local Windows EPERM restrictions)
|
Someone is attempting to deploy a commit to the prafull 's projects Team on Vercel. A member of the Team first needs to authorize it. |
Author
|
Hi maintainers, this PR fixes #1936. Root cause: local This change normalizes local file URLs against |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
/files/...URLs againstSERVER_URLbefore signing themRoot cause
Local file URLs could be signed using a URL that did not carry the deployment port from
SERVER_URL. In self-hosted deployments on a custom port, that caused generated file links to fall back to the default origin and break document flows.Validation
normalizeLocalFileUrlgetSignedLocalUrlpresignedlocalUrlNotes
I could not run the full
npm testsuite in this local Windows environment because the repo's npm/test workflow hitEPERMrestrictions during process spawn.