fix(compass-web): adjust sandbox code for cloud backend and electron changes COMPASS-9569 #7128
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gribnoysup
commented
Jul 21, 2025
| /Module not found.+?(mongo_crypt_v1.(dll|so|dylib)|@mongodb-js\/zstd|aws-crt|gcp-metadata)/, | ||
| // Optional, comes from emotion trying to (safely) use react apis that we | ||
| // don't have in React 17 | ||
| /export 'useInsertionEffect'/, |
Collaborator
Author
There was a problem hiding this comment.
Drive-by, was really noisy in webpack logs and we know it's okay to ignore
gribnoysup
commented
Jul 21, 2025
| return new URL(url, 'http://localhost').pathname.startsWith('/v2/'); | ||
| } | ||
|
|
||
| async #getCSRFHeaders() { |
Collaborator
Author
There was a problem hiding this comment.
Drive-by, we moved this logic to the client some time ago and forgot to remove this
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
gribnoysup
changed the title
gribnoysup
commented
Jul 21, 2025
| return {}; | ||
| } | ||
|
|
||
| // When cloud session expires, cloud backend will send a new set of |
Collaborator
Author
There was a problem hiding this comment.
Another drive-by, should make sure we're not logged out as often in sandbox
Anemy
approved these changes
Jul 21, 2025
| const tld = CLOUD_CONFIG_VARIANTS === 'local' ? 'localhost' : 'mongodb.com'; | ||
| const cloudHostCookies = (await session.defaultSession.cookies.get({})) | ||
| .filter((cookie) => { | ||
| return cookie.domain?.endsWith(tld) ?? true; |
Member
There was a problem hiding this comment.
Ah TIL domain isn't always there https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies#define_where_cookies_are_sent
Collaborator
Author
There was a problem hiding this comment.
Hah, yeah, I was mostly going off of types here, I think for proxy purposes it's easier to include the ones that don't have any value there just in case
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Our compass-web with Atlas Cloud tests started failing consistently around July 14th and it took awhile to track the issue: seems like the scoping for the auth cookies changed at some point in the cloud backend and so the cookie filtering logic just stopped working (I was also kinda expecting the tld to include the subdomains, but I don't think that assumption was true)
The fix is to adjust the filtering to pick up everything that includes the cloud tld domain. At least locally it seems to fix issues for me