home-assistant.io icon indicating copy to clipboard operation
home-assistant.io copied to clipboard

Published 20 hours ago verified publisher icon home-assistant

Strict connection mode yaml not documented

Open wormiedk opened this issue 1 year ago • 5 comments

Feedback

The parameters for strict connection mode are specified but not what the yaml entry is called. I guess it might be strict_connection_mode:

The documentation reads

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 10.0.0.200      # Add the IP address of the proxy server
    - 172.30.33.0/24  # You may also provide the subnet mask
   
**Strict connection mode**
The following modes are supported:

disabled: Strict connection mode is disabled, and all unauthenticated requests are allowed (Same as before 2024.5).
guard_page: Home Assistant will answer any unauthenticated requests with a guard page, informing the user about the strict connection mode.
drop_connection: Home Assistant will drop/close the connection for any unauthenticated requests, similar to when no Home Assistant instance is running.

URL

https://rc.home-assistant.io/integrations/http/#strict-connection-mode

Version

2024.5

Additional information

No response

wormiedk avatar Apr 26 '24 14:04 wormiedk

Hey there @home-assistant/core, mind taking a look at this feedback as it has been labeled with an integration (http) you are listed as a code owner for? Thanks!

Code owner commands

Code owners of http can trigger bot actions by commenting:

  • @home-assistant close Closes the feedback.
  • @home-assistant rename Awesome new title Renames the feedback.
  • @home-assistant reopen Reopen the feedback.
  • @home-assistant unassign http Removes the current integration label and assignees on the feedback, add the integration domain after the command.
  • @home-assistant add-label needs-more-information Add a label (needs-more-information) to the feedback.
  • @home-assistant remove-label needs-more-information Remove a label (needs-more-information) on the feedback.

home-assistant[bot] avatar Apr 26 '24 14:04 home-assistant[bot]

Appaently not :)

http:
  ip_ban_enabled: true
  login_attempts_threshold: 5
  use_x_forwarded_for: true
  strict_connection_mode: guard_page

Gives this error:

Invalid config for 'http' at configuration.yaml, line 10: 'strict_connection_mode' is an invalid option for 'http', check: http->strict_connection_mode

wormiedk avatar Apr 26 '24 14:04 wormiedk

It needs to be strict_connection:

MrJelly17 avatar Apr 28 '24 21:04 MrJelly17

I just tried enabling it. I think the documentation needs to state how to login to the app from a new device. I tried

  1. Create a temporary token
  2. Login to browser on device
  3. Still no access to the app.
  4. Log out of home asssistant app
  5. Log into home assistant app while on local wifi
  6. Home assistant app states that I have no access.
  7. Disabled strict login :)

Ideally I would be able to validate the login to a new device from a device on my local lan instead of jumping through hoops :)

wormiedk avatar Apr 29 '24 13:04 wormiedk

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved. If this issue is still relevant, please let us know by leaving a comment 👍 This issue has now has been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.

github-actions[bot] avatar Jun 28 '24 14:06 github-actions[bot]