From dd689fd4a65d62832312b00b53835d973e1a8a36 Mon Sep 17 00:00:00 2001 From: Hunter Kehoe Date: Sat, 8 Oct 2022 17:20:14 -0600 Subject: [PATCH 1/5] strip trailing slash in "use another server" URL fixes #428 --- web/src/components/SubscribeDialog.js | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/web/src/components/SubscribeDialog.js b/web/src/components/SubscribeDialog.js index 9ab5a08f..d0c024e8 100644 --- a/web/src/components/SubscribeDialog.js +++ b/web/src/components/SubscribeDialog.js @@ -90,6 +90,13 @@ const SubscribePage = (props) => { return validTopic(topic) && !isExistingTopicUrl; } })(); + const updateBaseUrl = (ev, newVal) => { + if (validUrl(newVal)) { + props.setBaseUrl(newVal.replace(/\/$/, '')); // strip traililng / after https?:// + } else { + props.setBaseUrl(newVal); + } + }; return ( <> {t("subscribe_dialog_subscribe_title")} @@ -128,7 +135,7 @@ const SubscribePage = (props) => { options={existingBaseUrls} sx={{ maxWidth: 400 }} inputValue={props.baseUrl} - onInputChange={(ev, newVal) => props.setBaseUrl(newVal)} + onInputChange={updateBaseUrl} renderInput={ (params) => Date: Sat, 8 Oct 2022 21:02:55 -0600 Subject: [PATCH 2/5] docs for auth query param --- docs/publish.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/docs/publish.md b/docs/publish.md index 491327d9..f757a629 100644 --- a/docs/publish.md +++ b/docs/publish.md @@ -2678,6 +2678,25 @@ Here's a simple example: ])); ``` +#### Auth Query Param +In some instances, you may want to send auth credentials in the URL (e.g., a GET webhook or a JSON POST request). You +can use the `auth` query parameter. Set the value to the base64 encoding of the value of the `Authorization` header and strip any trailing `=`. **Be sure to only send auth credentials over an HTTPS connection** + +Here is an example: + +1. base64(user:pass) -> base64(testuser:fakepassword) -> dGVzdHVzZXI6ZmFrZXBhc3N3b3Jk +2. Authorization header -> Basic base64(testuser:fakepassword) -> Basic dGVzdHVzZXI6ZmFrZXBhc3N3b3Jk +3. base64(Authorization header) -> base64(Basic dGVzdHVzZXI6ZmFrZXBhc3N3b3Jk) -> QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw== +4. remove trailing `=` (if any) -> QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw== -> QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw +5. add query param to URL -> https://ntfy.sh/topic -> https://ntfy.sh/topic?auth=QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw + +!!! note + Do NOT remove trailing `=` after step 2 + +The following command will generate the appropriate value for you on *nix systems: + +```echo -n "Basic `echo -n 'testuser:fakepassword' | base64`" | base64 | tr -d '='``` + ### Message caching !!! info If `Cache: no` is used, messages will only be delivered to connected subscribers, and won't be re-delivered if a From ca5ec532613564bbb0728b107a0140a0fcc9ee8a Mon Sep 17 00:00:00 2001 From: Hunter Kehoe Date: Sat, 8 Oct 2022 21:22:05 -0600 Subject: [PATCH 3/5] improved docs --- docs/publish.md | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/docs/publish.md b/docs/publish.md index f757a629..71fc13bc 100644 --- a/docs/publish.md +++ b/docs/publish.md @@ -2680,15 +2680,17 @@ Here's a simple example: #### Auth Query Param In some instances, you may want to send auth credentials in the URL (e.g., a GET webhook or a JSON POST request). You -can use the `auth` query parameter. Set the value to the base64 encoding of the value of the `Authorization` header and strip any trailing `=`. **Be sure to only send auth credentials over an HTTPS connection** +can use the `auth` query parameter. Set the value to the base64 encoding of the value of the `Authorization` header +and strip any trailing `=`. **Be sure to only send auth credentials over an HTTPS connection** Here is an example: - -1. base64(user:pass) -> base64(testuser:fakepassword) -> dGVzdHVzZXI6ZmFrZXBhc3N3b3Jk -2. Authorization header -> Basic base64(testuser:fakepassword) -> Basic dGVzdHVzZXI6ZmFrZXBhc3N3b3Jk -3. base64(Authorization header) -> base64(Basic dGVzdHVzZXI6ZmFrZXBhc3N3b3Jk) -> QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw== -4. remove trailing `=` (if any) -> QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw== -> QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw -5. add query param to URL -> https://ntfy.sh/topic -> https://ntfy.sh/topic?auth=QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw +``` + Step 1. base64(user:pass) -> base64(testuser:fakepassword) -> dGVzdHVzZXI6ZmFrZXBhc3N3b3Jk + Step 2. Authorization header -> Basic base64(testuser:fakepassword) -> Basic dGVzdHVzZXI6ZmFrZXBhc3N3b3Jk + Step 3. base64(Authorization header) -> base64(Basic dGVzdHVzZXI6ZmFrZXBhc3N3b3Jk) -> QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw== + Step 4. remove trailing `=` (if any) -> QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw== -> QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw + Step 5. add query param to URL -> https://ntfy.sh/topic -> https://ntfy.sh/topic?auth=QmFzaWMgZEdWemRIVnpaWEk2Wm1GclpYQmhjM04zYjNKaw +``` !!! note Do NOT remove trailing `=` after step 2 From cb8b3e54f6f2a7764287eb22a760fea6b824d409 Mon Sep 17 00:00:00 2001 From: Philipp Heckel Date: Sun, 9 Oct 2022 08:49:21 -0400 Subject: [PATCH 4/5] Release notes --- docs/releases.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/releases.md b/docs/releases.md index 06f15e10..ebc0dee5 100644 --- a/docs/releases.md +++ b/docs/releases.md @@ -4,10 +4,15 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release ## ntfy server v1.29.0 (UNRELEASED) +**Features:** + +* Allow IP CIDRs in `visitor-request-limit-exempt-hosts` ([#423](https://github.com/binwiederhier/ntfy/issues/423), thanks to [@karmanyaahm](https://github.com/karmanyaahm)) + **Bug fixes + maintenance:** * Subscriptions can now have a display name ([#370](https://github.com/binwiederhier/ntfy/issues/370), thanks to [@tfheen](https://github.com/tfheen) for reporting) * Bump Go version to Go 18.x ([#422](https://github.com/binwiederhier/ntfy/issues/422)) +* Web: Strip trailing slash when subscribing ([#428](https://github.com/binwiederhier/ntfy/issues/428), thanks to [@raining1123](https://github.com/raining1123) for reporting, and [@wunter8](https://github.com/wunter8) for fixing) **Documentation:** From 1b82beea6e95e611605fb61be75e3c8c7725924a Mon Sep 17 00:00:00 2001 From: Philipp Heckel Date: Sun, 9 Oct 2022 08:50:28 -0400 Subject: [PATCH 5/5] Typo --- web/src/components/SubscribeDialog.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/src/components/SubscribeDialog.js b/web/src/components/SubscribeDialog.js index d0c024e8..62cfeb28 100644 --- a/web/src/components/SubscribeDialog.js +++ b/web/src/components/SubscribeDialog.js @@ -92,7 +92,7 @@ const SubscribePage = (props) => { })(); const updateBaseUrl = (ev, newVal) => { if (validUrl(newVal)) { - props.setBaseUrl(newVal.replace(/\/$/, '')); // strip traililng / after https?:// + props.setBaseUrl(newVal.replace(/\/$/, '')); // strip trailing slash after https?:// } else { props.setBaseUrl(newVal); }