Invalid domain character when specifying port

mozilla / geckodriver

WebDriver for Firefox

https://firefox-source-docs.mozilla.org/testing/geckodriver/

Mozilla Public License 2.0

7.03k stars 1.51k forks source link

Invalid domain character when specifying port #2166

Open codedge opened 3 months ago

codedge commented 3 months ago

System

Version: 0.34
Platform: Linux
Firefox: 123.0.1
Selenium:

I run geckodriver in a separate Docker container and want to allow a certain header+port via the --allow-hosts parameter.

services:
  php:
    build: .
    ports:
      - "9029:80"

  webdriver:
    image: instrumentisto/geckodriver:latest
    command:
      - --binary=/opt/firefox/firefox
      - --host=0.0.0.0
      - --port=4444
      - --allow-hosts=localhost,webdriver:4444
      - --log=debug
    ports:
      - "4444:4444"

Either via docker-compose or directly on the command line, I get the error

geckodriver: error: invalid value 'localhost,webdriver,webdriver:4444' for '--allow-hosts <ALLOW_HOSTS>...': invalid domain character

I need the port specified inside the --allow-hosts , otherwise I get Invalid Host header webdriver:4444 when calling the webdriver container.

Any advice?

jgraham commented 3 months ago

It looks like we currently don't support passing in a port to --allow-hosts, but expect the port in the request's Host header to match the port the server is bound to: https://searchfox.org/mozilla-central/source/testing/webdriver/src/server.rs#339

It seems like that could be broken in some port-forwarding setups, but I'm a bit surprised if it doesn't work when you're matching the ports inside and outside the container.

whimboo commented 3 months ago

@codedge could you please check if the workaround @jgraham mentioned works for you temporary?

codedge commented 3 months ago

The only thing that does work is

services:
  php:
    build: .
    ports:
      - "9029:80"

  webdriver:
    image: instrumentisto/geckodriver:latest
    command:
      - --binary=/opt/firefox/firefox
      - --host=0.0.0.0
      - --port=80
      - --allow-hosts=localhost,webdriver
      - --log=debug
    ports:
      - "80:80"

This way I can whitelist http://webdriver without port, as 80 is the default for HTTP. If I mix something up here, can you please post a docker-compose config, like mine, with the values you think work better?

whimboo commented 2 months ago

It looks like we currently don't support passing in a port to --allow-hosts, but expect the port in the request's Host header to match the port the server is bound to: https://searchfox.org/mozilla-central/source/testing/webdriver/src/server.rs#339

@jgraham, given that the argument is about the host and not the port, shouldn't we actually ignore the port? With --allow-origin we have another argument that is used to prevent connections from unwanted locations and this includes checks for the port. Or do I miss something?