mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 01:36:00 -04:00
PWA: Prevent passing credentials to avoid redirection issues
For #4649 More of a patch around the issue for now. Have opened #4656 to properly address.
This commit is contained in:
parent
889b0dae3b
commit
ea0469e61a
@ -6,6 +6,11 @@ class PwaManifestBuilder
|
||||
{
|
||||
public function build(): array
|
||||
{
|
||||
// Note, while we attempt to use the user's preference here, the request to the manifest
|
||||
// does not start a session, so we won't have current user context.
|
||||
// This was attempted but removed since manifest calls could affect user session
|
||||
// history tracking and back redirection.
|
||||
// Context: https://github.com/BookStackApp/BookStack/issues/4649
|
||||
$darkMode = (bool) setting()->getForCurrentUser('dark-mode-enabled');
|
||||
$appName = setting('app-name');
|
||||
|
||||
|
@ -29,7 +29,7 @@
|
||||
<link rel="icon" type="image/png" sizes="32x32" href="{{ setting('app-icon-32') ?: url('/icon-32.png') }}">
|
||||
|
||||
<!-- PWA -->
|
||||
<link rel="manifest" href="{{ url('/manifest.json') }}" crossorigin="use-credentials">
|
||||
<link rel="manifest" href="{{ url('/manifest.json') }}">
|
||||
<meta name="mobile-web-app-capable" content="yes">
|
||||
|
||||
@yield('head')
|
||||
|
@ -24,9 +24,7 @@ class PwaManifestTest extends TestCase
|
||||
{
|
||||
$html = $this->asViewer()->withHtml($this->get('/'));
|
||||
|
||||
// crossorigin attribute is required to send cookies with the manifest,
|
||||
// so it can react correctly to user preferences (dark/light mode).
|
||||
$html->assertElementExists('head link[rel="manifest"][href$="manifest.json"][crossorigin="use-credentials"]');
|
||||
$html->assertElementExists('head link[rel="manifest"][href$="manifest.json"]');
|
||||
$html->assertElementExists('head meta[name="mobile-web-app-capable"][content="yes"]');
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user