Skip to content

Fix regression in security iframe navigation logic with basename#63141

Merged
pierrejeambrun merged 5 commits into
apache:mainfrom
Subham-KRLX:fix/security-iframe-basename
Mar 12, 2026
Merged

Fix regression in security iframe navigation logic with basename#63141
pierrejeambrun merged 5 commits into
apache:mainfrom
Subham-KRLX:fix/security-iframe-basename

Conversation

@Subham-KRLX

Copy link
Copy Markdown
Contributor

Fixes a regression where the security iframe ignores the configured AIRFLOW__API__BASE_URL (basename), causing valid navigation within the iframe to incorrectly redirect users to the root dashboard.

The fix updates Security.tsx to read the <base> tag's href (the same approach used by router.tsx) and safely strips the basename from the iframe's pathname before checking if it starts with /auth/.

closes: #63111

@boring-cyborg boring-cyborg Bot added the area:UI Related to UI/UX. For Frontend Developers. label Mar 8, 2026
Comment thread airflow-core/src/airflow/ui/src/pages/Security.tsx Outdated
Comment thread airflow-core/src/airflow/ui/src/pages/Security.tsx Outdated

@pierrejeambrun pierrejeambrun left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for catching this. I believe it can be simplified. Tested and working as expected.

Comment thread airflow-core/newsfragments/63141.bugfix.rst
Comment thread airflow-core/src/airflow/ui/src/pages/Security.tsx
@Subham-KRLX

Copy link
Copy Markdown
Contributor Author

Simplified the iframe navigation logic using document.baseURI to handle the basename as suggested. I have also removed the newsfragment since it's a bugfix. All static checks are passing locally.

@pierrejeambrun pierrejeambrun merged commit 8653aa8 into apache:main Mar 12, 2026
148 of 149 checks passed
github-actions Bot pushed a commit that referenced this pull request Mar 12, 2026
…asename (#63141)

* Fix regression in security iframe navigation logic with basename

* style: apply formatting to Security.tsx

* fix(ui): remove hardcoded localhost fallback from Security iframe navigation

* Add newsfragment for security iframe basename fix

* Address review feedback: simplify security iframe navigation logic and handle basename
(cherry picked from commit 8653aa8)

Co-authored-by: Subham <subhamsangwan26@gmail.com>
@github-actions

Copy link
Copy Markdown
Contributor

Backport successfully created: v3-1-test

Note: As of Merging PRs targeted for Airflow 3.X
the committer who merges the PR is responsible for backporting the PRs that are bug fixes (generally speaking) to the maintenance branches.

In matter of doubt please ask in #release-management Slack channel.

Status Branch Result
v3-1-test PR Link

Pyasma pushed a commit to Pyasma/airflow that referenced this pull request Mar 13, 2026
…che#63141)

* Fix regression in security iframe navigation logic with basename

* style: apply formatting to Security.tsx

* fix(ui): remove hardcoded localhost fallback from Security iframe navigation

* Add newsfragment for security iframe basename fix

* Address review feedback: simplify security iframe navigation logic and handle basename
pierrejeambrun added a commit that referenced this pull request Mar 16, 2026
…asename (#63141) (#63453)

* [v3-1-test] Fix regression in security iframe navigation logic with basename (#63141)

* Fix regression in security iframe navigation logic with basename

* style: apply formatting to Security.tsx

* fix(ui): remove hardcoded localhost fallback from Security iframe navigation

* Add newsfragment for security iframe basename fix

* Address review feedback: simplify security iframe navigation logic and handle basename
(cherry picked from commit 8653aa8)

Co-authored-by: Subham <subhamsangwan26@gmail.com>

* Delete airflow-core/newsfragments/63141.bugfix.rst

---------

Co-authored-by: Subham <subhamsangwan26@gmail.com>
Co-authored-by: Jens Scheffler <95105677+jscheffl@users.noreply.github.com>
Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
Co-authored-by: Pierre Jeambrun <pierrejbrun@gmail.com>
vatsrahul1001 pushed a commit that referenced this pull request Mar 25, 2026
…asename (#63141) (#63453)

* [v3-1-test] Fix regression in security iframe navigation logic with basename (#63141)

* Fix regression in security iframe navigation logic with basename

* style: apply formatting to Security.tsx

* fix(ui): remove hardcoded localhost fallback from Security iframe navigation

* Add newsfragment for security iframe basename fix

* Address review feedback: simplify security iframe navigation logic and handle basename
(cherry picked from commit 8653aa8)

Co-authored-by: Subham <subhamsangwan26@gmail.com>

* Delete airflow-core/newsfragments/63141.bugfix.rst

---------

Co-authored-by: Subham <subhamsangwan26@gmail.com>
Co-authored-by: Jens Scheffler <95105677+jscheffl@users.noreply.github.com>
Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
Co-authored-by: Pierre Jeambrun <pierrejbrun@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area:UI Related to UI/UX. For Frontend Developers.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Regression in security iframe navigation logic (ignores basename)

5 participants