UI resizable panels / DNS rebinding #88
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…ST precedence and empty-string fallback
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR implements DNS rebinding protection by introducing configurable API host resolution in the UI, and enhances user experience by widening the resizable split panel divider. The changes also include development environment setup improvements with Docker Compose configuration and dependency updates.
- Implemented API host precedence:
REACT_APP_API_HOST>localStorage['api_host']>"/api"with proper error handling for localStorage access - Increased split panel divider width from 8px to 19px for improved usability
- Added Docker Compose configuration and enhanced development environment setup script
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| dusseldorf/ui/src/DusseldorfConfig.ts | Refactored API host resolution with proper precedence order and error handling for localStorage access in privacy mode |
| dusseldorf/ui/src/Components/Rules/RuleTable.tsx | Removed unused ColumnManager and ColumnConfig imports |
| dusseldorf/ui/src/Components/ResizableSplitPanel.tsx | Widened divider from 8px to 19px and applied code formatting improvements |
| dusseldorf/ui/src/Components/Requests/RequestTable.tsx | Removed unused ColumnManager import and defaultColumnConfig constant |
| dusseldorf/ui/README.md | Updated documentation with API host resolution information and added changelog entry |
| dusseldorf/listener.dns/src/dnsresolver.py | Improved code comments and refactored TTL handling to read from response object |
| dusseldorf/generate_devenv.sh | Enhanced script with input validation and default values, but contains critical duplication bug |
| dusseldorf/docker-compose.yml | Added complete Docker Compose configuration for all services (mongodb, api-server, listener-http, listener-dns) |
| dusseldorf/api/src/api/requirements.txt | Downgraded urllib3 from 2.5.0 to 2.0.4 |
| .dockerignore | Added comprehensive Docker ignore patterns for Python, Node, and development files |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review for a chance to win a $100 gift card. Take the survey.
Comment on lines
+74
to
+146
| echo "Environment setup complete. You can now start running Dusseldorf with docker compose up."#!/bin/bash | ||
| set -e | ||
|
|
||
| EXAMPLE_CLIENT_ID="dc1b6b75-8167-4baf-9e75-d3d1f755de1b" | ||
| EXAMPLE_TENANT_ID="72f988bf-86f1-41af-91ab-2d7cd011db47" | ||
|
|
||
| CLIENT_ID_DEFAULT="${AZURE_CLIENT_ID:-$EXAMPLE_CLIENT_ID}" | ||
| TENANT_ID_DEFAULT="${AZURE_TENANT_ID:-$EXAMPLE_TENANT_ID}" | ||
|
|
||
| read -p "Azure Client ID [$CLIENT_ID_DEFAULT]: " INPUT_CLIENT_ID || true | ||
| [[ -n "$INPUT_CLIENT_ID" && "$INPUT_CLIENT_ID" =~ ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ ]] && AZURE_CLIENT_ID="$INPUT_CLIENT_ID" || AZURE_CLIENT_ID="$CLIENT_ID_DEFAULT" | ||
|
|
||
| read -p "Azure Tenant ID [$TENANT_ID_DEFAULT]: " INPUT_TENANT_ID || true | ||
| [[ -n "$INPUT_TENANT_ID" && "$INPUT_TENANT_ID" =~ ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$ ]] && AZURE_TENANT_ID="$INPUT_TENANT_ID" || AZURE_TENANT_ID="$TENANT_ID_DEFAULT" | ||
|
|
||
| echo "Using Client ID: $AZURE_CLIENT_ID" | ||
| echo "Using Tenant ID: $AZURE_TENANT_ID" | ||
|
|
||
| mkdir -p env/certs env/mongo-data env/mongo-scripts ui | ||
| openssl req -newkey rsa:2048 -nodes -keyout "env/certs/tls.key" -x509 -days 365 -out "env/certs/tls.crt" -subj "/CN=localhost" >/dev/null 2>&1 || { echo "openssl not found" >&2; exit 1; } | ||
|
|
||
| MONGO_PASSWORD=$(openssl rand -hex 12) | ||
| cat <<EOF > env/mongo-scripts/init.js | ||
| db = db.getSiblingDB("dusseldorf"); | ||
| db.createUser({ | ||
| user: "admin", | ||
| pwd: "$MONGO_PASSWORD", | ||
| roles: [{ role: "readWrite", db: "dusseldorf" }] | ||
| }); | ||
| db.createCollection("domains"); | ||
| db.createCollection("zones"); | ||
| db.createCollection("requests"); | ||
| db.createCollection("rules"); | ||
| db.domains.createIndex({domain: 1}, { unique: true }); | ||
| db.zones.createIndex({fqdn: 1}, { unique: true }); | ||
| db.requests.createIndex({ | ||
| "zone": 1, | ||
| "time": 1 | ||
| }); | ||
| db.domains.insertOne({"domain": "dusseldorf.local", "public_ips": ["172.18.0.9"], "owner": "dusseldorf"}); | ||
| EOF | ||
|
|
||
| cat <<EOF > .env | ||
| # Dusseldorf Environment Variables | ||
| API_VERSION=1 | ||
| ENVIRONMENT=development | ||
| AZURE_CLIENT_ID=$AZURE_CLIENT_ID | ||
| AZURE_TENANT_ID=$AZURE_TENANT_ID | ||
| MONGO_USERNAME=admin | ||
| MONGO_PASSWORD=$MONGO_PASSWORD | ||
| MONGO_DB_NAME=dusseldorf | ||
| MONGODB_DB_NAME=dusseldorf | ||
| DSSLDRF_TLS_CRT_FILE=./env/certs/tls.crt | ||
| DSSLDRF_TLS_KEY_FILE=./env/certs/tls.key | ||
| LSTNER_HTTP_PORT=443 | ||
| LSTNER_HTTP_INTERFACE=0.0.0.0 | ||
| LSTNER_DNS_PORT=10053 | ||
| LSTNER_DNS_INTERFACE=0.0.0.0 | ||
| LSTNER_DNS_UDP=false | ||
| EOF | ||
|
|
||
| cat <<EOF > ui/.env | ||
| REACT_APP_CLIENT_ID=$AZURE_CLIENT_ID | ||
| REACT_APP_TENANT_ID=$AZURE_TENANT_ID | ||
| REACT_APP_API_HOST=http://localhost:8080/api | ||
| EOF | ||
|
|
||
| echo "Environment setup complete. Run: docker compose up" |
There was a problem hiding this comment.
The entire script appears to be duplicated. Line 74 ends without a newline and is immediately followed by #!/bin/bash on the same line, then the script content repeats from lines 74-146. This will cause the script to fail at line 74 when it tries to execute docker compose up."#!/bin/bash as a command.
The echo statement on line 74 should end with a newline, and the duplicate script content (lines 74-146) should be removed.
dusseldorf/ui/README.md
Outdated
|
|
||
| This is the graphical user interface for Dusseldorf, which provides an easy graphical human way to interface with Dusseldorf's API. | ||
|
|
||
| This runs as its own component, it's a static web page build in the React Framework, hosted as a static component within the API repository. |
There was a problem hiding this comment.
Typo: "build" should be "built".
Suggested change
| This runs as its own component, it's a static web page build in the React Framework, hosted as a static component within the API repository. | |
| This runs as its own component, it's a static web page built in the React Framework, hosted as a static component within the API repository. |
| in the console of the DevTools in your favourite browser to any value to change which API endpoint you talk to. | ||
|
|
||
| # Design | ||
| This UI is build upon the amazing [Fluent2](https://fluent2.microsoft.design/) design framework. |
There was a problem hiding this comment.
Typo: "build" should be "built".
Suggested change
| This UI is build upon the amazing [Fluent2](https://fluent2.microsoft.design/) design framework. | |
| This UI is built upon the amazing [Fluent2](https://fluent2.microsoft.design/) design framework. |
| cat <<EOF > ui/.env | ||
| REACT_APP_CLIENT_ID=$AZURE_CLIENT_ID | ||
| REACT_APP_TENANT_ID=$AZURE_TENANT_ID | ||
| REACT_APP_API_HOST=http://localhost:8080/api |
There was a problem hiding this comment.
REACT_APP_API_HOST is set to http://localhost:8080/api, which enforces unencrypted HTTP for the UI’s API calls. If the UI transmits authentication tokens (e.g., Azure OAuth flows) or sensitive data, this can be intercepted or modified on the network. Use HTTPS (e.g., https://localhost:8080/api with a trusted certificate) and ensure TLS is enforced in both client and server configs.
Suggested change
| REACT_APP_API_HOST=http://localhost:8080/api | |
| REACT_APP_API_HOST=https://localhost:8080/api |
…OST; divider usability improved; add Jest+Babel config
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Local development setup, Docker integration, UI enhancements, and minor code cleanups.
Local Development & Environment Setup
generate_devenv.shscript that interactively sets up environment variables, generates TLS certificates, initializes MongoDB with secure credentials and collections, and creates.envfiles for backend and UI components.UI Improvements
Enhanced API host resolution logic to prioritize
REACT_APP_API_HOST, thenlocalStorage, and finally default to"/api", * Increased the width of the divider inResizableSplitPaneland cleaned up the split panel's rendering logic for a better user experience when resizing UI panels. [1] [2]Minor documentation and code clarifications in DNS resolver logic and requirements update for compatibility. [1] [2] [3] [4]