search

adobe / helix-html-pipeline

A library for rendering the html response in Helix3.
https://www.hlx.live/
Apache License 2.0
11 stars 12 forks source link

rum challenge handler #457

Open langswei opened 7 months ago

langswei commented 7 months ago

Overview

We introduced a RUM challenge as an alternative to TXT record for domain verification. The idea was to make it easy or feasible for authors, although we haven't yet documented the steps so some of what I'm writing is speculative.

Details

This code expects a challenge URL to end in _rum-challenge however the underscore _ character is not part of the URL even if the document has that char in the name. Therefore it seems that we are not meeting the goal of making it easy for authors to manage. https://github.com/adobe/helix-html-pipeline/blob/25f6f34804e0d67ac31b762b4b9f721ad8262cf5/src/options-pipe.js#L50

Proposed Actions

Let's discuss the goal here. Maybe the _ is allowed in files from github, so maybe project developers rather than authors should handle this task. Or maybe we should change the rum challenge URL to not expect to see the _ so authors can manage it.

davidnuescheler commented 7 months ago

i don't think that anything that has to do with run-query should have impact on the pipeline... i also think that in the helix5 RUM model we really don't need that anymore as the association of RUM request with a project will become trivial.

langswei commented 7 months ago

i don't think that anything that has to do with run-query should have impact on the pipeline

Then we should discuss a rollback of #442. cc: @trieloff

in the helix5 RUM model we really don't need that anymore as the association of RUM request with a project will become trivial.

Can you elaborate? By "RUM request", unclear to me if you are referring to the sampleRUM collection request or a later user run-query request. Will domain keys be obsolete?

tripodsan commented 7 months ago

I think we should discuss this again internally on how the domain key validation works. @davidnuescheler: @trieloff and I discussed this and found it acceptable to add the domain key challenge to the pipeline. The alternative would be too expensive (new service for aws+cf, extra complicated logic in vcl, etc)

afaiu, this issue is only about using a different character than _ in the challenge path, as it is rejected by .hlx.page