-
Notifications
You must be signed in to change notification settings - Fork 696
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix valet share over TLS secure #156
Conversation
This folder is generated by PhoStorm IDE.
Check if a given domain in valet is secure or not.
Now when we have a link secured over TLS the command `valet share` will create other link for an unsecure link and this unsecure link will be used for ngrok. When the ngrok url is closed that unsecure link is destroyed again.
Fix valet share over TLS secure
info('The ['.$item.'] site has been secured with a TLS certificate.'); | ||
} | ||
} | ||
})->descriptions('List all secured domain with a trusted TLS certificate'); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"secured domain" should probably be "secured domains"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your point
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do you think about it?
valet secured: Returns a list with all secured domains.
or
valet secured: Try the following syntax command: valet secured [domain]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While looking at your additions of secured [domain]
and secures
it strikes me that now there are 4 variants of secure
in valet commands, and this might not be a good thing.
- secure [domain]
- unsecure [domain]
- secured [domain]
- secures
That feels like it may breed confusion.
Is there a way to just call isSecured
without needing the secures
/secured
commands?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess, it's possible I remove secures command, Can I continue with secured [domain] command?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I already removes valet secures
.
I guess it would become more clear when actually using |
This method check if a given url is secured over TLS or not.
valet secured [domain]: Will check if a url or the current path is secured over TLS. valet secures: List all secured sites.
Once that the valet.php secured now returns YES or NO, instead of a string when the domain is secured.
Update valet share command over TLS
I had update some things on my code to better readability. |
For prevent some breed confusion.
Removes valet secures
Question: doesn't unlinking the temporary domain break all the ngrok activity, since all the serving it's doing happens after the unlink? |
@drbyte I will test it. But I guess will don't break, once that unlink command it's executed only after the ngrok is stopped. |
Hey @drbyte the behavior of my implementation link and unlink is the same of the current valet implementation, briefing the unlink is just made after ngrok is stopped (Ctrl + C). |
Oh, right. The script stays running until ngrok is stopped. ;) Given that using https requires ngrok pro, I'm okay with this workaround ... for non-pro anyway. I don't have an ngrok pro account to test any of this with, but I'm guessing that those who do might want it to still serve secured, instead of bypassing it with this. |
I bought a PRO version just for tests all commands using TLS, but not works, then I mail to its founder, and his answer was:
|
@RafaelPlantard Do you know how to do a rebase of all your commits here, so that the PR is just a clean single commit? |
@drbyte @adamwathan @taylorotwell there is some date to accept/refuse this PR? |
@RafaelPlantard is correct, github has built in squashing @drbyte |
Yes, it does, but squashing your own commits is a much nicer way to play.
Anyway, it was just a question, leading to a suggestion.
|
Hey folks, So my instinct with this one is to just not support If that feature of ngrok requires a paid ngrok account, I think the easiest thing to do is just output a warning that lets the user know the site can't be shared unless they unsecure it. My reasoning is just that if you are actually using TLS locally, there's probably a reason for it. And if there's a reason for it (like your won't function properly without it), then sharing the site unsecured through another alias is just going to cause confusion when it doesn't work properly for the person it's being shared with. If someone has a paid ngrok account that does support this, I think I would just recommend they use ngrok directly instead of relying on Valet to create the share URL. Again I think creating the unsecured alias silently and sharing that will just lead to more bug reports and confusion. Better to tell the user they need to unsecure manually before sharing, so if their app actually requires TLS to work properly, it'll be very obvious to them why they might have issues with the share URL. Sorry! |
same issue here valet share does not work if the valet secure is applied for the project |
@msonowal Yup as you can read in my comment directly above yours, it's a known limitation. |
To version: 2.1.18
This makes it possible to still access the site via http if it is secure This touches laravel#382, laravel#148, laravel#156, laravel#504
Now when we have a link secured over TLS the command valet share will create other link for an unsecure link and this unsecure link will be used for ngrok.
When the ngrok url is closed that unsecure link is destroyed again.
The stack for this PR is at #148.
Please, see this: @adamwathan @drbyte