Fix regression in security iframe navigation logic with basename#63141
Merged
pierrejeambrun merged 5 commits intoMar 12, 2026
Conversation
bbovenzi
reviewed
Mar 9, 2026
JC-comp
suggested changes
Mar 10, 2026
…d handle basename
Contributor
Author
|
Simplified the iframe navigation logic using document.baseURI to handle the basename as suggested. I have also removed the newsfragment since it's a bugfix. All static checks are passing locally. |
bbovenzi
approved these changes
Mar 11, 2026
pierrejeambrun
approved these changes
Mar 12, 2026
github-actions Bot
pushed a commit
that referenced
this pull request
Mar 12, 2026
…asename (#63141) * Fix regression in security iframe navigation logic with basename * style: apply formatting to Security.tsx * fix(ui): remove hardcoded localhost fallback from Security iframe navigation * Add newsfragment for security iframe basename fix * Address review feedback: simplify security iframe navigation logic and handle basename (cherry picked from commit 8653aa8) Co-authored-by: Subham <subhamsangwan26@gmail.com>
Contributor
Backport successfully created: v3-1-testNote: As of Merging PRs targeted for Airflow 3.X In matter of doubt please ask in #release-management Slack channel.
|
Pyasma
pushed a commit
to Pyasma/airflow
that referenced
this pull request
Mar 13, 2026
…che#63141) * Fix regression in security iframe navigation logic with basename * style: apply formatting to Security.tsx * fix(ui): remove hardcoded localhost fallback from Security iframe navigation * Add newsfragment for security iframe basename fix * Address review feedback: simplify security iframe navigation logic and handle basename
pierrejeambrun
added a commit
that referenced
this pull request
Mar 16, 2026
…asename (#63141) (#63453) * [v3-1-test] Fix regression in security iframe navigation logic with basename (#63141) * Fix regression in security iframe navigation logic with basename * style: apply formatting to Security.tsx * fix(ui): remove hardcoded localhost fallback from Security iframe navigation * Add newsfragment for security iframe basename fix * Address review feedback: simplify security iframe navigation logic and handle basename (cherry picked from commit 8653aa8) Co-authored-by: Subham <subhamsangwan26@gmail.com> * Delete airflow-core/newsfragments/63141.bugfix.rst --------- Co-authored-by: Subham <subhamsangwan26@gmail.com> Co-authored-by: Jens Scheffler <95105677+jscheffl@users.noreply.github.com> Co-authored-by: Jarek Potiuk <jarek@potiuk.com> Co-authored-by: Pierre Jeambrun <pierrejbrun@gmail.com>
vatsrahul1001
pushed a commit
that referenced
this pull request
Mar 25, 2026
…asename (#63141) (#63453) * [v3-1-test] Fix regression in security iframe navigation logic with basename (#63141) * Fix regression in security iframe navigation logic with basename * style: apply formatting to Security.tsx * fix(ui): remove hardcoded localhost fallback from Security iframe navigation * Add newsfragment for security iframe basename fix * Address review feedback: simplify security iframe navigation logic and handle basename (cherry picked from commit 8653aa8) Co-authored-by: Subham <subhamsangwan26@gmail.com> * Delete airflow-core/newsfragments/63141.bugfix.rst --------- Co-authored-by: Subham <subhamsangwan26@gmail.com> Co-authored-by: Jens Scheffler <95105677+jscheffl@users.noreply.github.com> Co-authored-by: Jarek Potiuk <jarek@potiuk.com> Co-authored-by: Pierre Jeambrun <pierrejbrun@gmail.com>
2 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes a regression where the security iframe ignores the configured
AIRFLOW__API__BASE_URL(basename), causing valid navigation within the iframe to incorrectly redirect users to the root dashboard.The fix updates Security.tsx to read the
<base>tag'shref(the same approach used by router.tsx) and safely strips the basename from the iframe's pathname before checking if it starts with/auth/.closes: #63111