Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: Return hostname if domain is empty but suffix is same as hostname
Browse files Browse the repository at this point in the history
KShivendu committed Sep 19, 2023
1 parent c2bd2fc commit cde073c
Showing 3 changed files with 50 additions and 4 deletions.
6 changes: 3 additions & 3 deletions supertokens_python/utils.py
Original file line number Diff line number Diff line change
@@ -302,9 +302,9 @@ def get_top_level_domain_for_same_site_resolution(url: str) -> str:

parsed_url: Any = extract(hostname, include_psl_private_domains=True)
if parsed_url.domain == "": # type: ignore
if hostname.endswith(".amazonaws.com"):
# tldextract.extract() isn't able to parse AWS service public urls
return "amazonaws.com"
# We need to do this because of https://github.com/supertokens/supertokens-python/issues/394
if hostname.endswith(".amazonaws.com") and parsed_url.suffix == hostname:
return hostname

raise Exception(
"Please make sure that the apiDomain and websiteDomain have correct values"
20 changes: 20 additions & 0 deletions tests/test_config.py
Original file line number Diff line number Diff line change
@@ -777,6 +777,26 @@ async def test_cookie_samesite_with_ec2_public_url():
],
)

assert SessionRecipe.get_instance().config.cookie_domain is None
assert SessionRecipe.get_instance().config.cookie_same_site == "none"
assert SessionRecipe.get_instance().config.cookie_secure is False

reset()

init(
supertokens_config=SupertokensConfig("http://localhost:3567"),
app_info=InputAppInfo(
app_name="SuperTokens Demo",
api_domain="http://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com:3001",
website_domain="http://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com:3000",
api_base_path="/",
),
framework="fastapi",
recipe_list=[
session.init(get_token_transfer_method=lambda _, __, ___: "cookie")
],
)

assert SessionRecipe.get_instance().config.cookie_domain is None
assert SessionRecipe.get_instance().config.cookie_same_site == "lax"
assert SessionRecipe.get_instance().config.cookie_secure is False
28 changes: 27 additions & 1 deletion tests/test_utils.py
Original file line number Diff line number Diff line change
@@ -3,7 +3,11 @@
import pytest
import threading

from supertokens_python.utils import humanize_time, is_version_gte
from supertokens_python.utils import (
humanize_time,
is_version_gte,
get_top_level_domain_for_same_site_resolution,
)
from supertokens_python.utils import RWMutex

from tests.utils import is_subset
@@ -171,3 +175,25 @@ def balance_is_valid():
expected_balance -= 10 * 5 # 10 threads withdrawing 5 each
actual_balance, _ = account.get_stats()
assert actual_balance == expected_balance, "Incorrect account balance"


@pytest.mark.parametrize(
"url,res",
[
("http://localhost:3001", "localhost"),
(
"https://ec2-xx-yyy-zzz-0.compute-1.amazonaws.com",
"ec2-xx-yyy-zzz-0.compute-1.amazonaws.com",
),
(
"https://foo.vercel.com",
"vercel.com",
),
(
"https://blog.supertokens.com",
"supertokens.com",
),
],
)
def test_tld_for_same_site(url: str, res: str):
assert get_top_level_domain_for_same_site_resolution(url) == res

0 comments on commit cde073c

Please sign in to comment.