Closed john-jam closed 2 years ago
I hit this as well, it seems to have come in during 2.3.1 or 2.3.2. For some reason the health check is going to /health/
(trailing slash) which causes FastAPI (and friends) to do a 307 redirect, but that re-direct (for some reason which is a mystery to me) uses http protocol instead of https causing the mixed content error if the UI page was loaded over https. I tried to find where the health check path is defined, but it seems to be in here import { HealthApi } from '@prefecthq/orion-design'
and I don't know where that repo is (maybe private?).
As you noted every other API call I've seen the UI make does not have a trailing slash.
I worked around this by re-writing the path at the load balancer of my deployed UI to drop the trailing slash.
Thanks for the report @john-jam and the extra research @jeffcarrico! It looks like you're right and we were requesting /health/
with a trailing slash. We've merged a commit to fix this issue and it should be part of the next release.
Thanks for your responses!
I can't find the fix you talked about @bunchesofdonald (maybe merged on a release branch?).
When I run locally orion ui
from main
, I still have the health/
redirect with the trailing slash. This first request has a location
in its response that points to an http
url and the next request succeeds or fails regarding where I launched my orion ui
. The error seems to only occurs somehow when I use the built orion ui
from the 2.3.2-python3.9
docker image.
Thanks for the tip @jeffcarrico, I'll apply that in the meantime!
The fix is in the private orion-design
repo, but it hasn't been released yet. We generally do releases on Tuesdays, so you should be good to go early next week.
This looks good now (2.4), thank you! 🎉
First check
Bug summary
When configuring
orion ui
to reach anorion api
with https, an error on the ui and on the console occurs. It seems like the ui tries to reach the orion api endpoint/api/health
in an insecure way. For other xhr endpoints (e.g.api/flows/filter
,api/flow_runs/history
), the ui can access the api properly.Reproduction
PREFECT_ORION_UI_API_URL="https://my-orion-server/api"
my-orion-server
withhttps
supporthttps
endpointhttps://my-orion-server
Error
On the ui:
In the console:
Browers
Prefect version
Additional context
The weird thing is when I try to run the
orion ui
locally from source (on the same commit6e931ee9
) or from a built package installed, I don't have this error :upside_down_face: It is maybe because there isn't anorigin
request header for the xhr requesthealth/
when I try to reach my deployed server and there is one when I use my local server (this happens only for that endpoint).