apunkt/SurfSense
1
0
Fork 0
mirror of https://github.com/MODSetter/SurfSense.git synced 2026-05-25 19:15:18 +02:00
Code Issues Projects Releases Packages Wiki Activity

fix(desktop): bind bundled Next.js on localhost to keep window origin stable

Browse source 
Setting HOSTNAME=0.0.0.0 made Next.js standalone canonicalize request.url to
http://0.0.0.0:PORT. The connector OAuth callback's NextResponse.redirect built
its Location from that URL, so navigating it flipped window.location.origin from
http://localhost:PORT to http://0.0.0.0:PORT. The backend CORS allowlist matches
localhost/127.0.0.1 only, blocking every subsequent API call until app restart —
producing the "no internet" / app-down state after connecting any connector.
This commit is contained in:
CREDO23 2026-05-22 19:37:19 +02:00
parent b9403b1720
commit d5284b3076
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
surfsense_desktop/src/modules/server.ts
View file

@ -39,7 +39,8 @@ export async function startNextServer(): Promise<void> {
const serverScript = path.join(standalonePath, 'server.js'); const serverScript = path.join(standalonePath, 'server.js');
process.env.PORT = String(serverPort); process.env.PORT = String(serverPort);
process.env.HOSTNAME = '0.0.0.0'; // Loopback bind: 0.0.0.0 leaks into request.url and flips window origin via NextResponse.redirect.
process.env.HOSTNAME = 'localhost';
process.env.NODE_ENV = 'production'; process.env.NODE_ENV = 'production';
process.chdir(standalonePath); process.chdir(standalonePath);