Oliver/semblance-dev
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add COOP header to Apache config — fix MSAL popup window.closed blocking

Browse source 
same-origin-allow-popups allows the Microsoft auth popup to communicate
back to the parent window, which is required for loginPopup to work.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Vadym Samoilenko 2026-03-20 14:25:00 +00:00
parent 361ef7bb6a
commit 2154ce946d
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
deploy.sh
View file

@ -52,9 +52,16 @@ CONF="/etc/apache2/sites-enabled/optical-dev.oliver.solutions.conf"
if sudo grep -q "semblance_back" "$CONF" 2>/dev/null; then
echo "✓ Apache semblance config already present"
# Ensure COOP header is present (needed for MSAL popup auth)
if ! sudo grep -q "Cross-Origin-Opener-Policy" "$CONF" 2>/dev/null; then
echo "Adding COOP header for MSAL popup support..."
sudo sed -i "s|RewriteRule \^ index.html \[L\]|RewriteRule ^ index.html [L]\n Header set Cross-Origin-Opener-Policy \"same-origin-allow-popups\"|" "$CONF"
sudo apache2ctl configtest && sudo systemctl reload apache2
echo "✓ COOP header added"
fi
else
echo "Adding semblance blocks to Apache config..."
sudo sed -i "s|</VirtualHost>| # ----------------------------------------------------------------\n # Semblance — Quart/Hypercorn backend at :5137\n # ----------------------------------------------------------------\n\n # WebSocket (Socket.IO)\n RewriteCond %{HTTP:Upgrade} websocket [NC]\n RewriteCond %{HTTP:Connection} upgrade [NC]\n RewriteRule ^/semblance_back/socket.io/(.*) ws://127.0.0.1:5137/socket.io/\$1 [P,L]\n\n # REST API\n ProxyPass /semblance_back/api/ http://127.0.0.1:5137/api/\n ProxyPassReverse /semblance_back/api/ http://127.0.0.1:5137/api/\n\n # Socket.IO HTTP polling fallback\n ProxyPass /semblance_back/socket.io/ http://127.0.0.1:5137/socket.io/\n ProxyPassReverse /semblance_back/socket.io/ http://127.0.0.1:5137/socket.io/\n\n # Semblance SPA\n Alias /semblance $FRONTEND_DEST\n <Directory $FRONTEND_DEST>\n Options -Indexes +FollowSymLinks\n AllowOverride None\n Require all granted\n RewriteEngine On\n RewriteBase /semblance/\n RewriteCond %{REQUEST_FILENAME} !-f\n RewriteCond %{REQUEST_FILENAME} !-d\n RewriteRule ^ index.html [L]\n </Directory>\n\n</VirtualHost>|" "$CONF"
sudo sed -i "s|</VirtualHost>| # ----------------------------------------------------------------\n # Semblance — Quart/Hypercorn backend at :5137\n # ----------------------------------------------------------------\n\n # WebSocket (Socket.IO)\n RewriteCond %{HTTP:Upgrade} websocket [NC]\n RewriteCond %{HTTP:Connection} upgrade [NC]\n RewriteRule ^/semblance_back/socket.io/(.*) ws://127.0.0.1:5137/socket.io/\$1 [P,L]\n\n # REST API\n ProxyPass /semblance_back/api/ http://127.0.0.1:5137/api/\n ProxyPassReverse /semblance_back/api/ http://127.0.0.1:5137/api/\n\n # Socket.IO HTTP polling fallback\n ProxyPass /semblance_back/socket.io/ http://127.0.0.1:5137/socket.io/\n ProxyPassReverse /semblance_back/socket.io/ http://127.0.0.1:5137/socket.io/\n\n # Semblance SPA\n Alias /semblance $FRONTEND_DEST\n <Directory $FRONTEND_DEST>\n Options -Indexes +FollowSymLinks\n AllowOverride None\n Require all granted\n RewriteEngine On\n RewriteBase /semblance/\n RewriteCond %{REQUEST_FILENAME} !-f\n RewriteCond %{REQUEST_FILENAME} !-d\n RewriteRule ^ index.html [L]\n Header set Cross-Origin-Opener-Policy \"same-origin-allow-popups\"\n </Directory>\n\n</VirtualHost>|" "$CONF"
sudo apache2ctl configtest && sudo systemctl reload apache2
echo "✓ Apache config updated and reloaded"
fi