unpkg.com call in the front

minio / console

Simple UI for MinIO Object Storage :abacus:

https://min.io/docs/minio/linux/index.html

GNU Affero General Public License v3.0

852 stars 282 forks source link

unpkg.com call in the front #3468

Closed p1r4t3-s4il0r closed 4 days ago

p1r4t3-s4il0r commented 2 weeks ago

NOTE

Please subscribe to our paid subscription plans for 24x7 support from our Engineering team.

Trough a web browser, the login page of minio is making a request to https://unpkg.com/detect-gpu@5.0.38/dist/benchmark/d-amd.json.

Expected Behavior

I want do deactivate this request.

Current Behavior

Request to https://unpkg.com/detect-gpu@5.0.38/dist/benchmark/d-amd.json.

Steps to Reproduce (for bugs)

Go to login page
Open the inspector
Go to network and reload the page
You should see a request to unpkg.com

Context

I need to deactivate this request. Because I want to prevent unwanted call to internet.

Regression

No regression (as far as I know).

Your Environment

MinIO version used (minio --version): RELEASE.2024-07-16T23-46-41Z
Server setup and configuration: docker compose
Operating System and version (uname -a): Alma Linux 4.18

ramondeklein commented 2 weeks ago

Just confirmed that RELEASE.2024-10-29T16-01-48Z is making this request. Just checked the code and this is coming from the LoginWrapper in the MDS component (source). It looks like this is used to determine if a GPU is available to play the background video in the login-page.

p1r4t3-s4il0r commented 2 weeks ago

Thanks for your answer.

Are you planning on implementing a environment variable to control this behavior ?

Thanks.

harshavardhana commented 2 weeks ago

Are you planning on implementing a environment variable to control this behavior ?

Set

export MINIO_BROWSER_LOGIN_ANIMATION=off

ramondeklein commented 2 weeks ago

@harshavardhana This disables the login animation, but it still makes the call to unpkg.com.

ramondeklein commented 2 weeks ago

See https://github.com/minio/mds/pull/1091.

p1r4t3-s4il0r commented 4 days ago

Hello @ramondeklein , Thank you very much for you work. Do you when the new container image of minio will be released on the docker hub ? Thanks

ramondeklein commented 3 days ago

We are planning some more work on the next console release, so it may take some time. We don't consider this a high-priority item, so we won't release a new MinIO release, because of this. When a new console is merged into MinIO, this feature will become available automatically.

In the mean-time you may want to block unpkg.com by settings .spec.hostAliases for this hostname.

PS: Thanks for reporting. We don't want MinIO to contact the internet unless explicitly being told to...

p1r4t3-s4il0r commented 2 days ago

No worries, I'll wait.

I'm happy to contribute to open source projects : )