Skip to content

fix: browser-style login from app windows dies on IPC scope rejection (v0.0.67)#145

Merged
frdomovic merged 5 commits into
masterfrom
fix/auth-page-ipc-scope
Jul 15, 2026
Merged

fix: browser-style login from app windows dies on IPC scope rejection (v0.0.67)#145
frdomovic merged 5 commits into
masterfrom
fix/auth-page-ipc-scope

Conversation

@frdomovic

Copy link
Copy Markdown
Member

Problem

Logging out of a remotely-hosted app (e.g. mero-blocks.vercel.app) and going through the browser-style login navigates the app window to the node's auth page (http://localhost:2528/auth/login?...). That page then dead-ends on "No providers available / No authentication providers are configured on this node." even though the node has providers configured.

Console shows:

Scope not defined for URL `http://localhost:2528/auth/login?...`
[Tauri Proxy] Fetch proxy failed: ...
Failed to load providers: HTTPError: HTTP 0 Network Error

Root cause

Three stacked issues:

  1. Tauri v1 matches IPC scopes by exact string comparison (tauri-1.8.3/src/scope/ipc.rs) on both domain and window label. The {"domain": "*", "windows": ["*"]} entry in tauri.conf.json dangerousRemoteDomainIpcAccess never matched anything — dead config.
  2. create_app_window registers an IPC scope only for the app's own domain. After in-window navigation to the auth page, the page origin is localhost, which has no scope — every IPC call from it is rejected.
  3. proxy_script.js routes all http://localhost fetches through Tauri IPC, even on the auth page itself, where native fetch would work fine (the page is plain-HTTP and same-origin with the node — no mixed content). On proxy failure it re-threw instead of falling back, so the providers request died with HTTP 0.

This only bites apps hosted on a domain other than the node — locally-served apps register localhost as their scope domain, which is why it looked intermittent.

Fix

  • proxy_script.js: only proxy fetch/XHR when the page is served over HTTPS — the proxy exists solely to bypass mixed-content blocking. On plain-HTTP pages (the auth frontend), requests now go through native fetch and just work. Fetch and XHR also fall back to the native path as a last resort if the proxy fails.
  • create_app_window: register IPC scopes for the app domain + the configured node host + localhost (deduped), so IPC survives in-window navigation to the auth page. (Url::domain() returns None for IP hosts, so 127.0.0.1 pages can never match a scope in Tauri v1 — the JS fallback covers those.)
  • tauri.conf.json: remove the inert wildcard dangerousRemoteDomainIpcAccess entry so it can't be mistaken for real coverage.
  • Bump Calimero Desktop to 0.0.67.

Testing

  • cargo check passes (via TAURI_CONFIG allowlist patch; plain cargo check fails on the pre-existing http-all feature/allowlist mismatch that the tauri CLI reconciles during tauri build)
  • node --check on proxy_script.js passes
  • All compiler warnings pre-exist this change

Companion PR in auth-frontend improves recovery UX on the providers page (distinguishes "unable to load" from "none configured" + retry).

🤖 Generated with Claude Code

Logging out of a remotely-hosted app (e.g. mero-blocks.vercel.app) and
navigating in-window to the node's auth page (http://localhost:2528/auth/login)
left the user stuck on "No providers available": every fetch from that page was
routed through the Tauri IPC proxy, but Tauri v1 matches IPC scopes by exact
domain — only the app's own domain was registered, so all IPC calls from the
localhost-origin page failed with "Scope not defined for URL", and the proxy
re-threw instead of falling back.

- proxy_script.js: only proxy fetch/XHR from HTTPS pages (the proxy exists
  solely to bypass mixed-content blocking; plain-HTTP pages can reach
  http://localhost natively), and fall back to the native fetch/XHR path as a
  last resort when the proxy fails
- create_app_window: register IPC scopes for the node host and localhost in
  addition to the app domain, so IPC survives in-window navigation to the
  auth page
- tauri.conf.json: drop the dangerousRemoteDomainIpcAccess wildcard entry —
  Tauri v1 does exact matching only, so it never matched anything
- bump app to 0.0.67

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
The proxy-script test harness injects the IIFE with a bare mock window that
has no `location`, so pageNeedsProxy() threw. Give the mock a location
(HTTPS by default so proxy-path tests keep exercising the proxy), add a test
for the http-page → native-fetch bypass, and make pageNeedsProxy() fall back
to the historical always-proxy behavior if location is ever unreadable.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

@meroreviewer meroreviewer Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 AI Code Reviewer

Reviewed by 2 agents | Quality score: 90% | Review time: 339.4s


✅ No Issues Found

All agents reviewed the code and found no issues. LGTM! 🎉


🤖 Generated by AI Code Reviewer | Review ID: review-baeaa78f

@meroreviewer

meroreviewer Bot commented Jul 13, 2026

Copy link
Copy Markdown

Documentation Review

The following documentation may need updates based on the changes in this PR:

  • 🔴 architecture/: This repository has no architecture documentation folder (e.g. architecture/, docs/, or doc/). Consider adding one to document high-level design decisions.

@meroreviewer meroreviewer Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 AI Code Reviewer

Reviewed by 2 agents | Quality score: 90% | Review time: 198.9s


✅ No Issues Found

All agents reviewed the code and found no issues. LGTM! 🎉


🤖 Generated by AI Code Reviewer | Review ID: review-1d79f389

rc.14 embeds auth-frontend v1.3.1 (auth-frontend#37), which pairs with the
proxy fix in this PR: the login page recovers from a failed providers load
instead of dead-ending on "No providers available".

NOTE: builds fail until core 0.11.0-rc.14 is released (core#3218) — the
prepare-merod script downloads the binary by release tag.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@frdomovic

Copy link
Copy Markdown
Member Author

Added the bundled-merod bump to 0.11.0-rc.14. Build checks will stay red until core cuts the rc.14 release (calimero-network/core#3218) — prepare-merod.mjs downloads the binary by release tag. Merge order: auth-frontend#37 (auto-cuts v1.3.1) → core#3218 (release rc.14, embeds v1.3.1) → re-run CI here → merge.

@meroreviewer meroreviewer Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 AI Code Reviewer

Reviewed by 2 agents | Quality score: 90% | Review time: 204.8s


✅ No Issues Found

All agents reviewed the code and found no issues. LGTM! 🎉


🤖 Generated by AI Code Reviewer | Review ID: review-b5c4883b

…cope

# Conflicts:
#	apps/desktop/src-tauri/src/proxy_script.js
#	apps/desktop/src/utils/proxyScript.test.ts

@meroreviewer meroreviewer Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 AI Code Reviewer

Reviewed by 2 agents | Review time: 631.4s


✅ No Issues Found

All agents reviewed the code and found no issues. LGTM! 🎉


🤖 Generated by AI Code Reviewer | Review ID: review-781d98b6

@cursor

cursor Bot commented Jul 15, 2026

Copy link
Copy Markdown

Bugbot is paused — on-demand spend limit reached

Bugbot uses usage-based billing for this team and has hit its on-demand spend limit.

A team admin can raise the spend limit in the Cursor dashboard, or wait for the next billing cycle to continue.

@meroreviewer meroreviewer Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 AI Code Reviewer

Reviewed by 2 agents | Review time: 138.2s


✅ No Issues Found

All agents reviewed the code and found no issues. LGTM! 🎉


🤖 Generated by AI Code Reviewer | Review ID: review-7fe01fcf

@frdomovic frdomovic merged commit e17e605 into master Jul 15, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant