Skip to content
This repository has been archived by the owner on Jan 21, 2024. It is now read-only.

fix: native login box pops up when the session expires #836

Merged
merged 1 commit into from
Feb 3, 2023
Merged

fix: native login box pops up when the session expires #836

merged 1 commit into from
Feb 3, 2023

Conversation

longjuan
Copy link
Member

@longjuan longjuan commented Feb 3, 2023
edited
Loading

What type of PR is this?

/kind improvement
/area console

What this PR does / why we need it:

添加X-Requested-With=XMLHttpRequest请求头,以阻止spring security 带上WWW-Authenticate响应头导致弹出原生登录框。

Which issue(s) this PR fixes:

Fixes halo-dev/halo#3213

Screenshots:

Special notes for your reviewer:

使session过期后(直接删除cookie的session或重启后端),继续操作console端,预期不会弹出原生登录框且console端原有的重新登录form正常弹出。
详情https://spring.io/guides/tutorials/spring-security-and-angular-js/ 中搜索X-Requested-With

Does this PR introduce a user-facing change?

防止浏览器弹出原生登录框

@f2c-ci-robot f2c-ci-robot bot added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Feb 3, 2023
@vercel
Copy link

vercel bot commented Feb 3, 2023
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated
ui ✅ Ready (Inspect) Visit Preview 💬 Add your feedback Feb 3, 2023 at 7:31AM (UTC)

@f2c-ci-robot f2c-ci-robot bot added kind/improvement Categorizes issue or PR as related to a improvement. area/console labels Feb 3, 2023
@f2c-ci-robot f2c-ci-robot bot requested review from ruibaby and wzrove February 3, 2023 07:30
ruibaby
ruibaby approved these changes Feb 3, 2023
View reviewed changes
Copy link
Member

@ruibaby ruibaby left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@f2c-ci-robot
Copy link

f2c-ci-robot bot commented Feb 3, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ruibaby

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@f2c-ci-robot f2c-ci-robot bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 3, 2023
guqing
guqing reviewed Feb 3, 2023
View reviewed changes
Copy link
Member

@guqing guqing left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@f2c-ci-robot f2c-ci-robot bot added the lgtm Indicates that a PR is ready to be merged. label Feb 3, 2023
@f2c-ci-robot f2c-ci-robot bot merged commit 73ca550 into halo-dev:main Feb 3, 2023
@JohnNiang
Copy link
Member

/milestone 2.3.x

@f2c-ci-robot f2c-ci-robot bot added this to the 2.3.x milestone Feb 3, 2023
@JohnNiang
Copy link
Member

/cherrypick release-2.2

@halo-dev-bot halo-dev-bot mentioned this pull request Feb 3, 2023
Merged
@halo-dev-bot
Copy link

@JohnNiang: new pull request created: #837

In response to this:

/cherrypick release-2.2

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

f2c-ci-robot bot pushed a commit that referenced this pull request Feb 3, 2023
@halo-dev-bot
[release-2.2] fix: native login box pops up when the session expires (#…
d40b620 
…837)

This is an automated cherry-pick of #836

/assign JohnNiang

```release-note
防止浏览器弹出原生登录框
```
@halo-dev-bot
Copy link

@ruibaby: new pull request could not be created: failed to create pull request against halo-dev/console#release-2.2 from head halo-dev-bot:cherry-pick-836-to-release-2.2: status code 422 not one of [201], body: {"message":"Validation Failed","errors":[{"resource":"PullRequest","code":"custom","message":"No commits between halo-dev:release-2.2 and halo-dev-bot:cherry-pick-836-to-release-2.2"}],"documentation_url":"https://docs.github.com/rest/reference/pulls#create-a-pull-request"}

In response to this:

/cherry-pick release-2.2

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@ruibaby ruibaby modified the milestones: 2.3.x, 2.3.0 Feb 10, 2023
@longjuan longjuan deleted the fix/native-login-box branch February 25, 2023 06:12
JohnNiang pushed a commit to JohnNiang/halo that referenced this pull request Mar 2, 2023
@longjuan
fix: native login box pops up when the session expires (halo-dev/cons…
29b55ac 
…ole#836)

<!--  Thanks for sending a pull request!  Here are some tips for you:
1. 如果这是你的第一次,请阅读我们的贡献指南:<https://github.com/halo-dev/halo/blob/master/CONTRIBUTING.md>。
1. If this is your first time, please read our contributor guidelines: <https://github.com/halo-dev/halo/blob/master/CONTRIBUTING.md>.
2. 请根据你解决问题的类型为 Pull Request 添加合适的标签。
2. Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request.
3. 请确保你已经添加并运行了适当的测试。
3. Ensure you have added or ran the appropriate tests for your PR.
-->

#### What type of PR is this?
/kind improvement
/area console
<!--
添加其中一个类别:
Add one of the following kinds:
/kind bug
/kind cleanup
/kind documentation
/kind feature
/kind optimization
适当添加其中一个或多个类别(可选):
Optionally add one or more of the following kinds if applicable:
/kind api-change
/kind deprecation
/kind failing-test
/kind flake
/kind regression
-->

#### What this PR does / why we need it:
添加`X-Requested-With=XMLHttpRequest`请求头,以阻止spring security 带上`WWW-Authenticate`响应头导致弹出原生登录框。
#### Which issue(s) this PR fixes:

<!--
PR 合并时自动关闭 issue。
Automatically closes linked issue when PR is merged.
用法:`Fixes #<issue 号>`,或者 `Fixes (粘贴 issue 完整链接)`
Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`.
-->
Fixes halo-dev#3213

#### Screenshots:

<!--
如果此 PR 有 UI 的改动,最好截图说明这个 PR 的改动。
If there are UI changes to this PR, it is best to take a screenshot to illustrate the changes to this PR.
eg.
Before:
![screenshot-before](https://user-images.githubusercontent.com/screenshot.png)
After:
![screenshot-after](https://user-images.githubusercontent.com/screenshot.png)
-->

#### Special notes for your reviewer:
使session过期后(直接删除cookie的session或重启后端),继续操作console端,预期不会弹出原生登录框且console端原有的重新登录form正常弹出。
详情https://spring.io/guides/tutorials/spring-security-and-angular-js/ 中搜索X-Requested-With
#### Does this PR introduce a user-facing change?

<!--
如果当前 Pull Request 的修改不会造成用户侧的任何变更,在 `release-note` 代码块儿中填写 `NONE`。
否则请填写用户侧能够理解的 Release Note。如果当前 Pull Request 包含破坏性更新(Break Change),
Release Note 需要以 `action required` 开头。
If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".
-->

```release-note
防止浏览器弹出原生登录框
```
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@guqing guqing guqing left review comments

@ruibaby ruibaby ruibaby approved these changes

@wzrove wzrove Awaiting requested review from wzrove

Assignees

@guqing guqing

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/console kind/improvement Categorizes issue or PR as related to a improvement. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes.
Projects
None yet
Milestone
2.3.0
Development

Successfully merging this pull request may close these issues.

session过期后浏览器弹出原生登录框
5 participants
@longjuan @JohnNiang @halo-dev-bot @ruibaby @guqing