search

bastienwirtz / homer

A very simple static homepage for your server.
https://homer-demo.netlify.app/
Apache License 2.0
9.36k stars 786 forks source link

Gotify component health CORS issue #822

Open romano opened 3 weeks ago

romano commented 3 weeks ago

Describe the bug "http://gotify.server.local/health" reports missing CORS header "Access-Control-Allow-Origin". I've managed to allow CORS in Gotify. The service reads message counts but fails to read Gotify's health status.

This bit (lines 54-67) seems to push headers only for messages, but not the health requests. Could be an easy fix but haven't tested it.

   methods: {
    fetchStatus: async function () {
      await this.fetch(`/health`)
        .catch((e) => console.log(e))
        .then((resp) => this.health = resp);
    },
    fetchMessages: async function () {
      const headers = {
        "X-Gotify-Key": this.item.apikey,
      };
      await this.fetch(`/message?limit=100`, { headers })
        .catch((e) => console.log(e))
        .then((resp) => this.messages = resp.messages.length);
    },

As a side note this bit (lines 41-47) returns green health regardless if it achieves connection. Should probably return red by default.

      if (statuses.includes("red")) {
        return "red";
      } else if (statuses.includes("orange")) {
        return "orange";
      }

      return "green";

Expected behavior No errors

Logs & errors

Browser console output:

TypeError: "focus" is read-only
[contentscript.js:2:347419](moz-extension://31a58c32-a25b-49a4-8767-860809cb7dab/contentscript.js)
Zablokowano żądanie do zasobu innego pochodzenia: zasady „Same Origin Policy” nie pozwalają wczytywać zdalnych zasobów z „http://gotify.server.local/health” (brakujący nagłówek CORS „Access-Control-Allow-Origin”). Kod stanu: 200.

TypeError: this.health is undefined
    status http://homer.server.local/resources/Gotify-BiV2DoYj.js:1
    nl http://homer.server.local/resources/index-DgMKGb2N.js:10
    Ui http://homer.server.local/resources/index-DgMKGb2N.js:10
    runIfDirty http://homer.server.local/resources/index-DgMKGb2N.js:10
    tn http://homer.server.local/resources/index-DgMKGb2N.js:14
    bl http://homer.server.local/resources/index-DgMKGb2N.js:14
    promise callback*gl http://homer.server.local/resources/index-DgMKGb2N.js:14
    br http://homer.server.local/resources/index-DgMKGb2N.js:14
    scheduler http://homer.server.local/resources/index-DgMKGb2N.js:14
    trigger http://homer.server.local/resources/index-DgMKGb2N.js:10
    ur http://homer.server.local/resources/index-DgMKGb2N.js:10
    Tt http://homer.server.local/resources/index-DgMKGb2N.js:10
    set http://homer.server.local/resources/index-DgMKGb2N.js:10
    set http://homer.server.local/resources/index-DgMKGb2N.js:14
    fetchStatus http://homer.server.local/resources/Gotify-BiV2DoYj.js:1
    promise callback*fetchStatus http://homer.server.local/resources/Gotify-BiV2DoYj.js:1
    created http://homer.server.local/resources/Gotify-BiV2DoYj.js:1
    tn http://homer.server.local/resources/index-DgMKGb2N.js:14
    dt http://homer.server.local/resources/index-DgMKGb2N.js:14
    dt http://homer.server.local/resources/index-DgMKGb2N.js:14
    ro http://homer.server.local/resources/index-DgMKGb2N.js:14
    Gf http://homer.server.local/resources/index-DgMKGb2N.js:14
    Gl http://homer.server.local/resources/index-DgMKGb2N.js:14
    Iu http://homer.server.local/resources/index-DgMKGb2N.js:14
    Au http://homer.server.local/resources/index-DgMKGb2N.js:14
    Os http://homer.server.local/resources/index-DgMKGb2N.js:14
    mt http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    L http://homer.server.local/resources/index-DgMKGb2N.js:14
    run http://homer.server.local/resources/index-DgMKGb2N.js:10
    runIfDirty http://homer.server.local/resources/index-DgMKGb2N.js:10
    tn http://homer.server.local/resources/index-DgMKGb2N.js:14
    bl http://homer.server.local/resources/index-DgMKGb2N.js:14
    promise callback*gl http://homer.server.local/resources/index-DgMKGb2N.js:14
    br http://homer.server.local/resources/index-DgMKGb2N.js:14
    scheduler http://homer.server.local/resources/index-DgMKGb2N.js:14
    trigger http://homer.server.local/resources/index-DgMKGb2N.js:10
    ur http://homer.server.local/resources/index-DgMKGb2N.js:10
    notify http://homer.server.local/resources/index-DgMKGb2N.js:10
    trigger http://homer.server.local/resources/index-DgMKGb2N.js:10
    set value http://homer.server.local/resources/index-DgMKGb2N.js:10
    setup http://homer.server.local/resources/index-DgMKGb2N.js:14
    promise callback*setup http://homer.server.local/resources/index-DgMKGb2N.js:14
    tn http://homer.server.local/resources/index-DgMKGb2N.js:14
    Iu http://homer.server.local/resources/index-DgMKGb2N.js:14
    Au http://homer.server.local/resources/index-DgMKGb2N.js:14
    Os http://homer.server.local/resources/index-DgMKGb2N.js:14
    mt http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    L http://homer.server.local/resources/index-DgMKGb2N.js:14
    run http://homer.server.local/resources/index-DgMKGb2N.js:10
    Ae http://homer.server.local/resources/index-DgMKGb2N.js:14
    Os http://homer.server.local/resources/index-DgMKGb2N.js:14
    mt http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    D http://homer.server.local/resources/index-DgMKGb2N.js:14
    ae http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    D http://homer.server.local/resources/index-DgMKGb2N.js:14
    j http://homer.server.local/resources/index-DgMKGb2N.js:14
    R http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    D http://homer.server.local/resources/index-DgMKGb2N.js:14
    ae http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    D http://homer.server.local/resources/index-DgMKGb2N.js:14
    j http://homer.server.local/resources/index-DgMKGb2N.js:14
    R http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    D http://homer.server.local/resources/index-DgMKGb2N.js:14
    j http://homer.server.local/resources/index-DgMKGb2N.js:14
    R http://homer.server.local/resources/index-DgMKGb2N.js:14
[index-DgMKGb2N.js:14:660](http://homer.server.local/resources/index-DgMKGb2N.js)
    Of http://homer.server.local/resources/index-DgMKGb2N.js:14
    sn http://homer.server.local/resources/index-DgMKGb2N.js:14
    tn http://homer.server.local/resources/index-DgMKGb2N.js:14
    bl http://homer.server.local/resources/index-DgMKGb2N.js:14
    (asynchroniczny: promise callback)
    gl http://homer.server.local/resources/index-DgMKGb2N.js:14
    br http://homer.server.local/resources/index-DgMKGb2N.js:14
    scheduler http://homer.server.local/resources/index-DgMKGb2N.js:14
    trigger http://homer.server.local/resources/index-DgMKGb2N.js:10
    ur http://homer.server.local/resources/index-DgMKGb2N.js:10
    Tt http://homer.server.local/resources/index-DgMKGb2N.js:10
    set http://homer.server.local/resources/index-DgMKGb2N.js:10
    set http://homer.server.local/resources/index-DgMKGb2N.js:14
    fetchStatus http://homer.server.local/resources/Gotify-BiV2DoYj.js:1
    (asynchroniczny: promise callback)
    fetchStatus http://homer.server.local/resources/Gotify-BiV2DoYj.js:1
    created http://homer.server.local/resources/Gotify-BiV2DoYj.js:1
    tn http://homer.server.local/resources/index-DgMKGb2N.js:14
    dt http://homer.server.local/resources/index-DgMKGb2N.js:14
    dt http://homer.server.local/resources/index-DgMKGb2N.js:14
    ro http://homer.server.local/resources/index-DgMKGb2N.js:14
    Gf http://homer.server.local/resources/index-DgMKGb2N.js:14
    Gl http://homer.server.local/resources/index-DgMKGb2N.js:14
    Iu http://homer.server.local/resources/index-DgMKGb2N.js:14
    Au http://homer.server.local/resources/index-DgMKGb2N.js:14
    Os http://homer.server.local/resources/index-DgMKGb2N.js:14
    mt http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    L http://homer.server.local/resources/index-DgMKGb2N.js:14
    run http://homer.server.local/resources/index-DgMKGb2N.js:10
    runIfDirty http://homer.server.local/resources/index-DgMKGb2N.js:10
    tn http://homer.server.local/resources/index-DgMKGb2N.js:14
    bl http://homer.server.local/resources/index-DgMKGb2N.js:14
    (asynchroniczny: promise callback)
    gl http://homer.server.local/resources/index-DgMKGb2N.js:14
    br http://homer.server.local/resources/index-DgMKGb2N.js:14
    scheduler http://homer.server.local/resources/index-DgMKGb2N.js:14
    trigger http://homer.server.local/resources/index-DgMKGb2N.js:10
    ur http://homer.server.local/resources/index-DgMKGb2N.js:10
    notify http://homer.server.local/resources/index-DgMKGb2N.js:10
    trigger http://homer.server.local/resources/index-DgMKGb2N.js:10
    set value http://homer.server.local/resources/index-DgMKGb2N.js:10
    setup http://homer.server.local/resources/index-DgMKGb2N.js:14
    (asynchroniczny: promise callback)
    setup http://homer.server.local/resources/index-DgMKGb2N.js:14
    tn http://homer.server.local/resources/index-DgMKGb2N.js:14
    Iu http://homer.server.local/resources/index-DgMKGb2N.js:14
    Au http://homer.server.local/resources/index-DgMKGb2N.js:14
    Os http://homer.server.local/resources/index-DgMKGb2N.js:14
    mt http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    L http://homer.server.local/resources/index-DgMKGb2N.js:14
    run http://homer.server.local/resources/index-DgMKGb2N.js:10
    Ae http://homer.server.local/resources/index-DgMKGb2N.js:14
    Os http://homer.server.local/resources/index-DgMKGb2N.js:14
    mt http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    D http://homer.server.local/resources/index-DgMKGb2N.js:14
    ae http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    D http://homer.server.local/resources/index-DgMKGb2N.js:14
    j http://homer.server.local/resources/index-DgMKGb2N.js:14
    R http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    D http://homer.server.local/resources/index-DgMKGb2N.js:14
    ae http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    D http://homer.server.local/resources/index-DgMKGb2N.js:14
    j http://homer.server.local/resources/index-DgMKGb2N.js:14
    R http://homer.server.local/resources/index-DgMKGb2N.js:14
    d http://homer.server.local/resources/index-DgMKGb2N.js:14
    D http://homer.server.local/resources/index-DgMKGb2N.js:14
    j http://homer.server.local/resources/index-DgMKGb2N.js:14
    R http://homer.server.local/resources/index-DgMKGb2N.js:14

Screenshots n/a

Configuration n/a

bastienwirtz commented 4 days ago

Hello,

I don't have a Gotify server to check, but I think it's normal the headers are not sent with the /health request, I think this endpoint is public and does not requires the auth token.

How did you managed to allow CORS? directly in Gotify? It could be a bug in Gotify where headers are not sent on the health endpoint. You could try to confirm that by performing a curl request to check the headers, something like curl -I <your-gotify-url>/health