Skip to content
This repository has been archived by the owner on Dec 10, 2021. It is now read-only.

All fetch operations fail on Firefox #193

Closed
schoel-bis opened this issue Jul 18, 2019 · 1 comment · Fixed by #194
Closed

All fetch operations fail on Firefox #193

schoel-bis opened this issue Jul 18, 2019 · 1 comment · Fixed by #194
Labels
#bug Something isn't working

Comments

@schoel-bis
Copy link
Contributor

Describe the bug

See apache/superset#7364. Essentially:

callApi in superset-ui-connection will try to find an existing version of the data in the cache if the window.caches object exists. Unfortunately, as MDN states:

CacheStorage always rejects with a SecurityError on untrusted origins (i.e. those that aren't using HTTPS [...])

At that point, the CacheStorage API throws and the request for the CSRF token as well as the real request are never made.

I believe the correct solution to this problem would probably be to change the constant CACHE_AVAILABLE in superset-ui-connection/src/constants.ts to something like:

export const CACHE_AVAILABLE = 'caches' in self && (self.location && self.location.protocol) === 'https:';

To Reproduce

Steps to reproduce the behavior:

  1. Setup on a non-TLS site
  2. Visit with Firefox
  3. Observe network panel in developer tools
  4. See no fetch ever being launched

Expected behavior

Fetches should be executed

Environment (please complete the following information):

  • superset-ui version: [e.g. v0.11.13]
  • Node version: 10.16.0
  • npm version: 6.9.0
@issue-label-bot
Copy link

Issue-Label Bot is automatically applying the label #bug to this issue, with a confidence of 0.98. Please mark this comment with 👍 or 👎 to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

@issue-label-bot issue-label-bot bot added the #bug Something isn't working label Jul 18, 2019
schoel-bis added a commit to schoel-bis/superset-ui that referenced this issue Jul 18, 2019
@schoel-bis
fix(connection): disable caching when on an insecure connection
4c9e253 
When the page is served over an insecure connection, some browsers (Firefox) will disable the
CacheStorage API for security reasons and will throw an error when an attempt is made to use it.
Thus, do not even attempt to use CacheStorage on such connections in the first place.

fix apache-superset#193
@schoel-bis schoel-bis mentioned this issue Jul 18, 2019
Merged
kristw pushed a commit that referenced this issue Jul 23, 2019
@schoel-bis @kristw
fix(connection): disable caching when on an insecure connection (#194)
ca256cd 
When the page is served over an insecure connection, some browsers (Firefox) will disable the
CacheStorage API for security reasons and will throw an error when an attempt is made to use it.
Thus, do not even attempt to use CacheStorage on such connections in the first place.

fix #193
kristw pushed a commit that referenced this issue Apr 17, 2020
@villebro
fix: remove redundant target from sankey tooltip (#193)
c4b6ed2
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
#bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(connection): disable caching when on an insecure connection schoel-bis/superset-ui
1 participant
@schoel-bis