Closed abarke closed 1 year ago
abarke
commented
2 years ago The problem here is the domain used: webcontainer.io
This domain is blocked by our VPN/Corporation.
Does stackblitz own this domain? If so we may be able to trust it. If not, please use a trusted domain like stackblitz.com
jrvidal
commented
2 years ago @abarke Thanks for the report. Yes, we own that domain, it's part of the WebContainer architecture.
abarke
commented
2 years ago I would ask my company to add this domain to the whitelist but this is potentially risky as we can't prove/trust the owner.
According to https://who.is/whois/webcontainer.io the domain is registered to: 1API GmbH in Germany.
This doesn't sound very convincing.
@jrvidal Could you simply use the trusted stackblitz.com domain instead?
abarke
commented
2 years ago @jrvidal as another alternative perhaps you could simply setup a forward from webcontainer.io to stackblitz.com to prove that you really own this domain. Otherwise there is no indication that this is the case other than a comment in this thread.
abarke
commented
2 years ago @jrvidal FYI we may consider using Stackblitz Enterprise in the near future 😉 so it would be good if it works in our network.
SamVerschueren
commented
2 years ago cc @EricSimons @apai4
EricSimons
commented
2 years ago Hey @abarke - thanks for bringing this to our attention. We use privacy protection on own domain registrations which is why it shows up as that (the same shows for https://who.is/whois/stackblitz.com).
Out of curiosity, do you know what VPN your company uses and/or why webcontainer.io ended up on the block list? Would be great to know if we can do something from our end to ensure your VPN and others don't block future domains we use.
I should be able to get a redirect going from webcontainer.io -> stackblitz.com pretty easily, if that helps!
abarke
commented
2 years ago @EricSimons thanks for getting back to us.
Not sure what URL blocker we are using and if it is part of our VPN setup, but the VPN is GlobalProtect.
Our sec team added the webcontainer.io URL to our whitelist, but there is still an error. Seems there is something else in the URL that is raising red flags. When looking at the URL im not surprised really as its quite a mouthful and not a very standard format. This is probably the reason our URL checker is questioning it's authenticity.
Could your dev team perhaps work on making this a bit more of a sec friendly URL?
abarke
commented
2 years ago @EricSimons BTW setting up a redirect would definitely help the authenticity/credibility issue.
d3lm
commented
1 year ago Hey @abarke 👋
Can you tell me a bit more about your URL checker and what's blocking the URL? All parts of the URL are quite important and it's the only place we can store information about the project, especially when storage partitioning is rolled out in all browsers (already live in Firefox and Safari). In fact, there will soon be another piece of information in the URL and we know it's not the most convenient URL but unfortunately, like I said, due to browser security restrictions it's the only place to store information reliably.
abarke
commented
1 year ago Meanwhile we added an exception to the URL blocker, so this is no longer an issue on our side. Thanks!
d3lm
commented
1 year ago Awesome, thanks for letting us know 🙏
Describe the bug
When connected via VPN to our company network our VPN client is blocking the URL:
https://nuxt-starter-u4yccb--3000.local.webcontainer.io/.localservice@relay.731360fb19d99dfc563f19370095b1e3465a14ed.html
Console: Failed to load resource: the server responded with a status of 503
When disconnected from the VPN it works as expected.
Link to the blitz that caused the error
https://stackblitz.com/edit/nuxt-starter-u4yccb
Steps to reproduce
Expected behavior
The page preview opens and shows the page.
Screenshots
Platform
Additional context
No response