Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Install script should lowercase all domain names #3641

Open
ocdtrekkie opened this issue Jul 13, 2022 · 3 comments
Open

Install script should lowercase all domain names #3641

ocdtrekkie opened this issue Jul 13, 2022 · 3 comments
Labels
bug install-config Installation/configuration issues self-hosting

Comments

@ocdtrekkie
Copy link
Collaborator

A new user submitted the following error to the mailing list today when trying to set up Google login on a new Sandcats install:

{"line":"405","file":"oauth_server.js","message":"Error in OAuth Server: redirectUrl (https://example.sandcats.io/setup/user) is not on the same host as the app (https://EXample.sandcats.io/)","time":{"$date":1657666882313},"level":"warn"} Exception while invoking method 'login' Error: Failed to complete OAuth handshake with Google. failed [400] { "error": "redirect_uri_mismatch", "error_description": "Bad Request" } at getTokens (packages/google-oauth/google_server.js:105:7) at Object.getServiceData [as handleOauthRequest] (packages/google-oauth/google_server.js:80:58) at OAuth._requestHandlers.<computed> (packages/oauth2/oauth2_server.js:10:33) at middleware (packages/oauth/oauth_server.js:170:5) at /programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40

The user had registered EXample as his subdomain instead of example, and Google OAuth failed to match that. Attempting to use capital letters with Google OAuth in any way seemed to throw it off. The user ended up reinstalling with the lowercase version of his subdomain.

Note that I do not know if Sandcats deduplicates capitalized and lowercase subdomains in registrations, so I am unsure if the user had to recover the subdomain or if it allowed re-registration, or if it kept the existing keys during the uninstall and reinstall process.

But I think we should adjust the install script to lowercase all domain names and Sandcats subdomains automatically.

@ocdtrekkie ocdtrekkie added bug self-hosting install-config Installation/configuration issues labels Jul 13, 2022
@xet7
Copy link
Contributor

xet7 commented Jul 13, 2022

@ocdtrekkie

So I presume it's also OK for non-ascii domain names because they use punycode?

@ocdtrekkie
Copy link
Collaborator Author

I am not sure about non-ASCII domains, but my understanding is browsers (and most other things that handle DNS) will lowercase capital ASCII characters to lowercase ASCII characters, aka, Alpha.SaNdStOrM.io will automagically always navigate to alpha.sandstorm.io

@zenhack
Copy link
Collaborator

zenhack commented Jul 14, 2022

Assuming we do lowercasing after punycode encoding it should be fine, yeah.

And yes, DNS is case-insensitive (for ascii; in general different languages don't even always agree on what characters are different cases of the same letter. E.g. in turkish a captial i is İ and a lower case I is ı).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug install-config Installation/configuration issues self-hosting
Projects
None yet
Development

No branches or pull requests

3 participants