Embedded markdown fails due to cross site authenticaiton #1422
Labels
Comments
Open
19 tasks
|
Is the fix planned to be rolled out? I have encountered the same problem today, trying to render markdown from a repo in Azure DevOps. I, using both alias and remoteMarkdown extension. |
This was referenced Jan 17, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bug Report
Steps to reproduce
Exposing this issue requires the import of a markdown behind an authenticated site. The bug was discovered when working on a site locally using the docsify-cli tool in which a markdown page had embedded another markdown from a corporate github enterprise system. It's assumed that once the pages were uploaded to the same github instance the issue would be resolved, but this bug makes it impossible to work on such documentation on a local environment.
What is current behaviour
When docsify attempts to fetch the protected resource instead of the markdown the request is redirected to the authentication page, which is returned and embedded into the markdown.
What is the expected behaviour
When embedding a protected markdown that I have already authenticated to I should see the contents of that markdown embedded into the page.
Other relevant information
To solve this issue the XMLHttpRequest used to fetch the contents should set the withCredentials value to true. If the use has then successfully authenticated in the browser to the protected resource this would allow docsify to properly fetch the requested content.
Bug does still occur when all/other plugins are disabled?
Your OS: RHEL v8.0.2
Node.js version: v10.21.0
npm/yarn version: 6.14.4
Browser version: Firefox 81.0.2, Chrome 86.0.4240.183
Docsify version: 4.11.6
Docsify plugins:
Please create a reproducible sandbox
Mention the docsify version in which this bug was not present (if any)
The text was updated successfully, but these errors were encountered: