plugins-workspace icon indicating copy to clipboard operation
plugins-workspace copied to clipboard
verified publisher icon tauri-apps

[bug] tauri-apps/updater check

Open AnthonyTB opened this issue 9 months ago • 4 comments

Describe the bug

When putting a raw json endpoint in the updater.endpoints section of tauri.conf I get (error sending request for url ("endpoint url")). If I click on the link via the console output it opens just fine in another window. I then tried to switch to the github releases file download option and it gets the same error (error sending request for url ("its a weird objects.githubusercontent aws link that 401's"))

Reproduction

tauri conf

"plugins": { "updater": { "active": true, "pubkey": "dW50cnVzdGVkIGNvbW1lbnQ6IG1pbmlzaWduIHB1YmxpYyBrZXk6IEQ1NDVEQ0NDNkE1Q0U0MQpSV1JCenFYR3pGMVVEYmJoZ1lvcFd1dDlxVk9TSHlZTGZva0plbnAvMjd4ODZQdDM3eHVmZEloOQo=", "endpoints": [ "https://github.com/AnthonyTB/port-24/releases/latest/download/latest.json" ] } }

package.json

"@tauri-apps/plugin-process": "2.2.0", "@tauri-apps/plugin-updater": "2.6.1",

js implementation

check({ timeout: 30000 }) .then(async (data) => { console.log("j", { data }); if (data) { data .downloadAndInstall() .then(async (res) => { console.log("h", { res }); await relaunch(); }) .catch((i_err) => { console.log({ i_err }); }); } else { console.log("no update"); setLoading(false); } }) .catch((err) => { console.log({ err }); });

Expected behavior

Better error handling instead of just error requesting url and for it parse the json properly

Full tauri info output

[✔] Environment
    - OS: Windows 10.0.26100 x86_64 (X64)
    ✔ WebView2: 134.0.3124.93
    ✔ MSVC: Visual Studio Build Tools 2022
    ✔ rustc: 1.85.1 (4eb161250 2025-03-15)
    ✔ cargo: 1.85.1 (d73d2caf9 2024-12-31)
    ✔ rustup: 1.28.1 (f9edccde0 2025-03-05)
    ✔ Rust toolchain: stable-x86_64-pc-windows-msvc (default)
    - node: 23.9.0
    - npm: 10.9.2

[-] Packages
    - tauri 🦀: 2.4.0
    - tauri-build 🦀: 2.1.0
    - wry 🦀: 0.50.5
    - tao 🦀: 0.32.8

[-] Plugins
    - tauri-plugin-opener 🦀: 2.2.6
    - tauri-plugin-process 🦀: git+https://github.com/tauri-apps/plugins-workspace?branch=v2#0bc5d5887420ba1eb718254490b7995c771c0447 (2.2.0)
 - tauri-plugin-updater 🦀: git+https://github.com/tauri-apps/plugins-workspace?branch=v2#0bc5d5887420ba1eb718254490b7995c771c0447 (2.6.1)

[-] App
    - build-type: bundle
    - CSP: unset
    - frontendDist: ../dist
    - devUrl: http://localhost:1420/

### Stack trace

```text

Additional context

No response

AnthonyTB avatar Mar 28 '25 13:03 AnthonyTB

When putting a raw json endpoint in the updater.endpoints section of tauri.conf I get (error sending request for url ("endpoint url")). If I click on the link via the console output it opens just fine in another window.

was that private maybe?

I then tried to switch to the github releases file download option and it gets the same error (error sending request for url ("its a weird objects.githubusercontent aws link that 401's"))

I don't see anything wrong with your setup - do you maybe have a proxy setup that doesn't work outside the browser (or at least not in the tauri app) or something like that?

Or maybe it was a server error? cause that link itself is somewhat correct but maybe github's cdn had problems. wouldn't be the first time.

FabianLars avatar Mar 30 '25 10:03 FabianLars

was that private maybe?

I tried both secret/public gist

I don't see anything wrong with your setup - do you maybe have a proxy setup that doesn't work outside the browser (or at least not in the tauri app) or something like that?

No I don't have any proxies setup

Or maybe it was a server error? cause that link itself is somewhat correct but maybe github's cdn had problems. wouldn't be the first time.

here's the url in the error that its saying it cant fetch. It works when inserting into a browser and even on a machine that has no github creds. But the updater cant fetch it or its giving a bad error and it is fetching it but something else is breaking.

https://objects.githubusercontent.com/github-production-release-asset-2e65be/828054488/49e5f93c-bca9-47b0-bf5e-34fb3c8eeb16?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250331%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250331T111926Z&X-Amz-Expires=300&X-Amz-Signature=07faa7f045a4f89937dd074608c6cffc264d5f32f3f53af6546c466f778acdf2&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dlatest.json&response-content-type=application%2Foctet-stream

AnthonyTB avatar Mar 31 '25 11:03 AnthonyTB

I am facing the same error and believe it's caused by strict TLS certificate validation.

My update server uses a self-signed certificate. I can only fetch the update manifest successfully using an external HTTP client (like reqwest in Rust) if I explicitly disable certificate validation with an option like .danger_accept_invalid_certs(true).

This suggests the updater's client is rejecting the connection due to the certificate, but the error message is too generic.

Could a feature similar to danger_accept_invalid_certs in tauri-plugin-http be added to the updater's configuration? This would likely solve the issue for developers using internal or self-signed certificates.

christian-leingang avatar Oct 23 '25 13:10 christian-leingang

At least the error caused by strict TLS certificate validation would be resolved with this Pull Request

christian-leingang avatar Oct 24 '25 09:10 christian-leingang