From ea7ee46c4875fd862360e1ee1fb78ca3860c3e0f Mon Sep 17 00:00:00 2001
From: Matthias Mohr <webmaster@mamo-net.de>
Date: Wed, 10 Jul 2024 14:21:30 +0200
Subject: [PATCH] Allow Web Editor to connect to localhost from HTTPS context

---
 src/components/ConnectForm.vue | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/src/components/ConnectForm.vue b/src/components/ConnectForm.vue
index 3f9bf6f6..71c00dc7 100644
--- a/src/components/ConnectForm.vue
+++ b/src/components/ConnectForm.vue
@@ -123,15 +123,8 @@ export default {
 		...Utils.mapState(['connectionError', 'authProviders', 'isAuthenticated']),
 		...Utils.mapGetters(['isConnected', 'isDiscovered', 'title']),
 		...Utils.mapState('editor', ['storedServers']),
-		isLocal() {
-			return Boolean(
-				window.location.hostname === 'localhost' ||
-				window.location.hostname === '[::1]' ||
-				window.location.hostname.match(/^127(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$/)
-			);
-		},
 		httpsUrl() {
-			if (this.$config.showHttpWarning && !this.isLocal && window.location.protocol === 'http:') {
+			if (this.$config.showHttpWarning && !this.isLocalUrl(window.location) && window.location.protocol === 'http:') {
 				return window.location.toString()
 					.replace(/^http:/i, 'https:')
 					.replace(/([\?&]server=http)(:|%3A)/, '$1s$2');
@@ -244,6 +237,14 @@ export default {
 		...Utils.mapMutations(['reset']),
 		...Utils.mapMutations('editor', ['addServer', 'removeServer']),
 
+		isLocalUrl(url) {
+			return Boolean(
+				url.hostname === 'localhost' ||
+				url.hostname === '[::1]' ||
+				url.hostname.match(/^127(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$/)
+			);
+		},
+
 		showHelp() {
 			if (!this.isConnected) {
 				this.broadcast('showTour', 'connect');
@@ -314,11 +315,14 @@ export default {
 			if (!serverUrl.match(/^https?:\/\//i)) {
 				serverUrl = `https://${serverUrl}`;
 			}
+
 			if (!Utils.isUrl(serverUrl)) {
 				Utils.error(this, 'The server given is not a valid URL.');
 				return;
 			}
-			else if (window.location.protocol === 'https:' && serverUrl.toLowerCase().substr(0,6) !== 'https:') {
+
+			const url = new URL(serverUrl);
+			if (window.location.protocol === 'https:' && url.protocol !== 'https:' && !this.isLocalUrl(url)) {
 				Utils.error(this, 'You are trying to connect to a server with HTTP instead of HTTPS, which is insecure and prohibited by web browsers. Please use HTTPS instead.');
 				return;
 			}