tauri icon indicating copy to clipboard operation
tauri copied to clipboard

Published 20 hours ago verified publisher icon tauri-apps

[bug] `dangerousRemoteDomainIpcAccess` Doesn't Work For IP Addresses.

Open zicklag opened this issue 1 year ago • 1 comments

Describe the bug

When setting the domain value for a dangerousRemoteDomainIpcAccess entry, it will confusingly never match the domain to any URL if you specify an IP address.

This is due to this line here:

https://github.com/tauri-apps/tauri/blob/fc7f9ebada959e555f4cff617286f52ce463f29e/core/tauri/src/scope/ipc.rs#L152

The url.domain() method apparently does not return a value for IP addresses, meaning it will never match.

Reproduction

  1. Create a new Tauri project.
  2. Configure the dangerousRemoteDomainIpcAccess with something like: 
    "dangerousRemoteDomainIpcAccess": [
     {
       "domain": "123.456.789.111",
       "windows": ["main"],
       "enableTauriAPI": true
     }
   ]
  3. Make sure a web server is hosting at 123.456.789.111:1234.
  4. In the tauri app set the main window to go to http://123.456.789.111:1234 as an external URL.
  5. See an error in the logs that shows the domain would not be matched: 
    Unhandled Promise Rejection: Scope not defined for URL `http://123.456.789.111:1234/`. See https://tauri.app/v1/api/config/#securityconfig.dangerousremotedomainipcaccess and https://docs.rs/tauri/1/tauri/scope/struct.IpcSc...

Expected behavior

The IP address should be matched to the external access scope like a domain would be.

Platform and versions

I can't run `cargo tauri info` because it doesn't respect the http proxy I'm behind.

I'm on Linux Pop!_OS 20.04 with Tauri crate version `1.3.0` and node `v18.13.0`.

Stack trace

No response

Additional context

This is mostly an issue for me in development, since I'm not using IP addresses when deploying, but it is a problem, because it makes it hard to develop locally, and I spent a good while troubleshooting, resorting to forking Tauri and adding dbg! lines to the source before I discovered the root cause.

Locally I've patched the above lines with to fix the issue:

           let matches_domain = matches_scheme
                && url
                    .host()
                    .map(|h| h.to_string() == s.domain)
                    .unwrap_or_default();

zicklag avatar May 19 '23 20:05 zicklag

An idea for a workaround: you could add this ip address to your hosts file and give it a fake DNS name. Then use this name in your app

prestomation avatar May 23 '23 17:05 prestomation

Modify the dependency package source code

at .cargo\registry\src\index.crates.io-6f17d22bba15001f\tauri-1.4.1\src\scope\ipc.rs

in method remote_access_for

change

if matches_window && matches_domain && scope.is_none() {
        scope.replace(s.clone());
}

to

if matches_window && scope.is_none() {
        scope.replace(s.clone());
}

can fix this temporarily

iFTY-R avatar Sep 12 '23 09:09 iFTY-R