From 5fa87a4440ae081013428778378ab24c4496c087 Mon Sep 17 00:00:00 2001
From: Leonardo Mendoza
Date: Mon, 27 Jan 2025 17:16:19 -0600
Subject: [PATCH] fix-proxi-for-new-csrf-policy
---
 src/proxy.conf.qa.mjs | 34 +++++++++++++++++++++++++++++++++-
 1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/src/proxy.conf.qa.mjs b/src/proxy.conf.qa.mjs
index 6b494e7efe..fc98db5caf 100644
--- a/src/proxy.conf.qa.mjs
+++ b/src/proxy.conf.qa.mjs
@@ -4,6 +4,7 @@ export default {
 secure: false,
 logLevel: 'debug',
 changeOrigin: true,
+ cookieDomainRewrite: 'localhost',
 bypass: function (req, res, proxyOptions) {
 /// PRINT REQUEST PATH
 if (req.headers.accept?.includes('html')) {
@@ -11,14 +12,17 @@ export default {
 }
 req.headers['X-Dev-Header'] = 'local-host-proxy-call'
 },
+ onProxyRes: responseOverights(),
 },
 '/': {
 target: 'https://qa.orcid.org',
 secure: false,
 logLevel: 'debug',
 changeOrigin: true,
+ cookieDomainRewrite: 'localhost',
+ onProxyRes: responseOverights(),
+
 bypass: function (req, res, proxyOptions) {
- /// PRINT REQUEST PATH
 if (req.headers.accept?.includes('html') && req.path !== '/signout') {
 return '/index.html'
 }
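Review bot: `cookieDomainRewrite: 'localhost'` is added beside the existing `secure: false` in both proxy entries (here and in the `'/'` entry of the second hunk), so QA session cookies become usable on localhost while the proxy still skips certificate verification of the upstream. A sign-in through this dev proxy therefore carries credentials and session cookies over a TLS connection whose peer is never authenticated. If qa.orcid.org presents a publicly trusted certificate (not visible from this patch), `secure: true` should work unchanged; otherwise add a comment such as `// secure: false: upstream cert is not verified; use QA test accounts only` so the trade-off is explicit. Both entry bodies extend beyond the hunks shown.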
@@ -26,3 +30,31 @@ export default {
 },
 },
 }
+function responseOverights() {
+ return (proxyRes, req, res) => {
+ // Grab the existing 'set-cookie' headers
+ const cookies = proxyRes.headers['set-cookie']
+ if (cookies) {
+ // Transform each cookie
+ const newCookies = cookies.map((cookie) => {
+ // Example: rewrite "Domain=qa.orcid.org" to "Domain=localhost"
+ return cookie.replace(/Domain=\.?qa\.orcid\.org/i, 'Domain=localhost')
+ })
+
+ // Put the transformed cookies back into the response header
+ proxyRes.headers['set-cookie'] = newCookies
+ }
+
+ // Check for 3xx (especially 302) status codes:
+ if (proxyRes.statusCode >= 300 && proxyRes.statusCode < 400) {
+ let location = proxyRes.headers['location']
+ if (location) {
+ location = location.replace(
+ 'https://qa.orcid.org/signin',
+ 'http://localhost:4200/signin'
+ )
+ proxyRes.headers['location'] = location
+ }
+ }
+ }
+}
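Review bot: The redirect branch at the end of `responseOverights` rewrites only a `Location` containing the literal `https://qa.orcid.org/signin` and hard-codes port 4200, so any other redirect to the QA origin, or a dev server started on another port, still sends the browser to the real QA host and leaves the localhost session behind. http-proxy covers this generically with `autoRewrite: true` and `protocolRewrite: 'http'` on the proxy entry, which rewrite the host and scheme of redirects that point at the target; if only `/signin` is meant to be rewritten, a comment saying so would help. The `set-cookie` branch above it looks redundant with the `cookieDomainRewrite: 'localhost'` option added in the earlier hunks and could be dropped, or kept with a comment explaining why both are needed. The helper name is presumably meant to be `responseOverrides`.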