Stray /None/ in API calls to api/v2/config/main

[timbrigham-oc]

Describe the bug
Calls to api/v2/config/main contain a stray 'None' in the URL, for example None/api/v2/config/main.

To Reproduce
Steps to reproduce the behavior:
Pull the current main branch for CALDERA per install docs. Enable SSL plugin (this isn't a problem using the default http://localhost:8888).

This results in 405 errors at the following URL: https://caldera.example.com/None/api/v2/config/main when attempting to sign in (at a minimum)

Expected behavior
The problem appears to be the '/None/' in the URL. Once I had a cookie and could successfully auth, I was able to verify https://caldera.example.com/api/v2/config/main returns data.

Desktop (please complete the following information):
I've seen this across multiple modern browsers - Edge, Chome, Firefox all have the same behavior.

Additional context
This can be avoided by a hotfix to the haproxy config to bounce the call to the internal address, but it doesn't address the underlying issue.

This screenshot shows my custom redirect (302 status code instead of 405 before I adjusted the config) as well as the underlying error still being present.

frontend caldera-https
    bind *:443 ssl crt plugins/ssl/conf/certificate.pem
    bind *:8443 ssl crt plugins/ssl/conf/certificate.pem
    http-request add-header proxy_port 443
    http-request set-header X-Forwarded-Proto https
    # These two lines are what I've updated
    acl is_none_api path_beg /None/api
    http-request redirect location %[path,regsub(^/None,)] if is_none_api  
    default_backend caldera_server

backend caldera_server
    balance leastconn
    cookie SERVERUSED insert indirect nocache
    default-server maxconn 20
    server caldera_main 127.0.0.1:8888 cookie caldera_main

[timbrigham-oc]

Ok, looks like that behavior isn't limited to just the sign in page.. I updated the ACL / redirect definition with the following for a wider application. Also, I did not have a app.frontend.api_base_url configured in my yml config file previously.. I updated that, same issue.

This is what I'm using now, and it looks like everything loads over SSL as it should.

acl is_none_api path -i -m sub /None/api
http-request redirect location %[path,regsub(^.*/None/api,/api)] if is_none_api

@elegantmoose , @daw1012345 , before I pull 5.2 and risk nuking any local changes (I always disable minification in vite.config.js at a minimum), does this look like it's related?

[timbrigham-oc]

Ugh.. I just love writing something up in question format then finding the issue 10 minutes later.

If the plugins/magma/.env file is set to VITE_CALDERA_URL=None you see the behavior express as I've mentioned here.

Setting the value correctly fixes the issue, so the upgrade to 5.2 should address me as well. Looks like I have a todo item for tomorrow.

[daw1012345]

Hey @timbrigham-oc , glad you figured out the issue. My PR's purpose was exactly to avoid issues like this.

[timbrigham-oc]

Thanks @daw1012345, that really is a great fix. I pulled the latest commits for magma and I'm golden now.