search

heyxyz / hey

Hey is a decentralized and permissionless social media app built with Lens Protocol 🌿
https://hey.xyz
GNU Affero General Public License v3.0
23.11k stars 1.52k forks source link

post_redirect Frame action handled incorrectly #5045

Closed defispartan closed 1 week ago

defispartan commented 1 month ago

Is there an existing issue for this?

Current Behavior

When a Frame button is pressed with action post_redirect, currently the target || frameUrl link is opened in a new window

Expected Behavior

Based on [Open Frames] standard, expected behaviour is to send to a POST request to the post url -> receive a 302 Found and Location header that starts with http:// or https://

Steps To Reproduce

No response

What platform(s) does this occur on?

Web, Mobile

What browser(s) does this occur on?

Chrome, Firefox, Brave, Safari, Edge

Anything else?

No response

bigint commented 1 month ago

@defispartan Do you have an example frames to check so I can fix it?

zadmarbella commented 1 month ago

@bigint https://hey.xyz/posts/0x01c556-0x04-DA-dd73ab9f

zadmarbella commented 1 month ago

@bigint any updates or recommendations?

defispartan commented 1 month ago

I can work on this issue

@zadmarbella Could you possibly update this Frame to include an of:image tag? Right now it's missing this tag so it's not compatible with the Open Frame debugging tool. Once we're able to debug there, this will make it easier to replicate a fix for Hey :)

zadmarbella commented 1 month ago

@defispartan Hi it was recommended we use this to debug. And that looks like it's working.

If i use the Open Frame debugging tool it won't even render the buttons. please advise.

zadmarbella commented 1 month ago

@defispartan fyi - https://frames-js-debugger.vercel.app/?url=https%3A%2F%2Fstg-powered-by.percs.app%2Fframes%2F154d3b0c-4b53-4208-a01f-38b33e57368d%2F1

defispartan commented 4 weeks ago

Hey, thanks. I'm not sure where I got that other debugging link from. I'm able to reproduce the issue with the official frames.js debugger link.

I will try to implement a fix for this by EOW.

defispartan commented 3 weeks ago

@zadmarbella I opened a PR which should add support for the correct post_redirect behavior, however I'm getting a 410 - Gone error when making a POST request to the postUrl of the frame in the post you shared.

Did something change with the frame endpoint? Or perhaps there is some validation on the frame server that is causing this error?

Here' script of the request being made to re-produce the error

const axios = require("axios");

const requestBody = {
  clientProtocol: "lens@1.0.0",
  trustedData: {
    messageBytes:
      "0xd3625ddc14fea89d7e7262e06b4e883efb00333d3f3dbddaa7dc96706f981bc67d9cf0c7b0eb66030cefb729614e267fd67983288bb91aaf63e3b9ce3eaa70661c",
  },
  untrustedData: {
    identityToken:
      "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjB4MDIwZTNkIiwiZXZtQWRkcmVzcyI6IjB4Rjc0MzYwMjc4ZTE4MUZkQ0ZkZkE2OTQ2ODdjRjUzRkMxNjNkRWUxOCIsInJvbGUiOiJwcm9maWxlX2lkZW50aXR5IiwiYXV0aG9yaXphdGlvbklkIjoiMDdkMmVhMzItOWQyNS00YTQ5LWFhZDMtYmM0YzJlMTM0OTQwIiwiaWF0IjoxNzIyOTE3MTA5LCJleHAiOjE3MjI5MTg5MDl9.VpQhDH7po3LyIrKoUvaL7L2iUSy52L7rGa7Iv2vsW4I",
    unixTimestamp: 1722918643,
    actionResponse: "",
    buttonIndex: 3,
    deadline: 1722920440,
    inputText: "",
    profileId: "0x020e3d",
    pubId: "0x01c556-0x04-DA-dd73ab9f",
    specVersion: "1.0.0",
    state: "",
    url: "https://stg-powered-by.percs.app/frames/154d3b0c-4b53-4208-a01f-38b33e57368d/1",
  },
};

const requestHeaders = {
  Accept: "application/json",
  "Content-Type": "application/json",
  "User-Agent": "HeyBot/0.1 (like TwitterBot)",
};

async function makeRequest() {
  try {
    const response = await axios.post(
      "https://stg-powered-by.percs.app/frames/154d3b0c-4b53-4208-a01f-38b33e57368d/1",
      requestBody,
      { headers: requestHeaders }
    );
    console.log(response.data);
  } catch (error) {
    if (error.response) {
      console.error(
        `Error: ${error.response.status} - ${error.response.statusText}`
      );
    } else {
      console.error("Error:", error.message);
    }
  }
}

makeRequest();
zadmarbella commented 3 weeks ago

@defispartan it looks like it's working now . We will do additional verification and testing on our end.

sorry to clarify the debugger was working but not on hey.

defispartan commented 1 week ago

@zadmarbella A PR was just merged to add post_redirect support for Hey, however I'm still getting an error when making a POST request to this Frame URL. It's now returning a 400 - Bad Response error (the request is copied below).

I created an example post_redirect frame for testing to demonstrate that it's working on Hey: Source Code Example Post

If you share the source code for this frame in the Lens Dev Garden Telegram Group or dm me (@defispartan) I can try to help debug this specific frame further. I'm going to close this issue for now though since Hey now supports post_redirect.

const requestBody = {
  clientProtocol: "lens@1.0.0",
  trustedData: {
    messageBytes:
      "0xd3625ddc14fea89d7e7262e06b4e883efb00333d3f3dbddaa7dc96706f981bc67d9cf0c7b0eb66030cefb729614e267fd67983288bb91aaf63e3b9ce3eaa70661c",
  },
  untrustedData: {
    identityToken:
      "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjB4MDIwZTNkIiwiZXZtQWRkcmVzcyI6IjB4Rjc0MzYwMjc4ZTE4MUZkQ0ZkZkE2OTQ2ODdjRjUzRkMxNjNkRWUxOCIsInJvbGUiOiJwcm9maWxlX2lkZW50aXR5IiwiYXV0aG9yaXphdGlvbklkIjoiMDdkMmVhMzItOWQyNS00YTQ5LWFhZDMtYmM0YzJlMTM0OTQwIiwiaWF0IjoxNzIyOTE3MTA5LCJleHAiOjE3MjI5MTg5MDl9.VpQhDH7po3LyIrKoUvaL7L2iUSy52L7rGa7Iv2vsW4I",
    unixTimestamp: 1722918643,
    actionResponse: "",
    buttonIndex: 3,
    deadline: 1722920440,
    inputText: "",
    profileId: "0x020e3d",
    pubId: "0x01c556-0x04-DA-dd73ab9f",
    specVersion: "1.0.0",
    state: "",
    url: "https://stg-powered-by.percs.app/frames/154d3b0c-4b53-4208-a01f-38b33e57368d/1",
  },
};

const requestHeaders = {
  Accept: "application/json",
  "Content-Type": "application/json",
  "User-Agent": "HeyBot/0.1 (like TwitterBot)",
};

async function makeRequest() {
  try {
    const response = await fetch(
      "https://stg-powered-by.percs.app/frames/154d3b0c-4b53-4208-a01f-38b33e57368d/1",
      {
        body: JSON.stringify({
          clientProtocol: "lens@1.0.0",
          trustedData: requestBody.trustedData,
          untrustedData: requestBody.untrustedData,
        }),
        headers: { "User-Agent": "HeyBot/0.1 (like TwitterBot)" },
        method: "POST",
        redirect: "manual",
      }
    );

    const { status } = response;
    const { headers } = response;

    let data = {};
    if (status !== 302) {
      if (response.headers.get("content-type")?.includes("application/json")) {
        data = await response.json();
      } else {
        data = await response.text();
      }
    }
    console.log(`Status: ${status}`);
    console.log(`Re-direct Location: ${headers.get("location")}`);
  } catch (error) {
    if (error.response) {
      console.error(
        `Error: ${error.response.status} - ${error.response.statusText}`
      );
    } else {
      console.error("Error:", error.message);
    }
  }
}

makeRequest();
github-actions[bot] commented 3 days ago

This issue has been locked since it has been closed for more than 10 days.

If you found a concrete bug or regression related to it, please open a new bug report.