For requests where the content type begins with
"application/grpc-web", envoy will check for a "gdebug-xsrf-token"
cookie and header. The values must both exist, be non empty strings,
and match. If this is not the case, return with a http 401.
It is the responsibility of the proxy and webapp to cooperate and
never make RPCs that it should not make.
Rather than importing the script with a <script> tag, use angular's
build system to import the script. This makes our HTML consistent
internally and externally, and is probably the way to go if we want to
use the library in unit tests.
This makes the output easier to use, and there's not a real need for
uglified js in this tool. This also eliminates the hash appended to
the output filenames.
Build a self contained channelz.js from a channelz.proto.
Running buildscripts/channelz_codgen.sh will produce a
web/channelzui/src/assets/channelz.js that reflects the SHA
specified in the scripts.
The script fetches grpc/grpc-web to get the prereq docker image, does
some additional setup, and then runs the code gen script.
We can modify the internal version of main.ts to use
goog.require to load any internal Any packed messages, and call
registerProtoAnyToStringFn.
This is simpler than keeping standalone .js files that are all
loaded together in the browser via <script src="...">.
goog.require appears to be a noop in OSS if we load the .js file with a <script> tag.
This will make imports easier.
- Add dockers for envoy, static assets www server, docker-compose
config generator script. We use `network_mode: host` so that the
loopback addresses within the docker resolve to the host.
- Update build script and angular.json so that copmilation outputs go
directly into the static assets docker directory.
- Update README.md
- remove CORS
- the grpc web host should be window.location.origin, ie the envoy
reverse proxy port
The grpc-web generated library is loaded in the html page via a
<script src="...">, and from the angular app's point of view, the
proto variable is just an arbitrary external javascript handle.
The envoy proxy host+port is controlled by environment.ts
and environment.prod.ts. This may change if it proves problematic
when integrating with envoy.
The binary protos must be manually turned into human friendly strings,
because js protos can not be dumped as JSONs.
This is required for the 'ng build' command to be available, which
is how angular apps are built on the CLI.
Previously I was too aggressive in pruning packages to fix the security
audit findings and removed this package.
Lidi Zheng