fix(ui): use feature detection for crypto.randomUUID to support HTTP deployments#1867
Closed
wsszh wants to merge 1 commit into
Closed
fix(ui): use feature detection for crypto.randomUUID to support HTTP deployments#1867wsszh wants to merge 1 commit into
wsszh wants to merge 1 commit into
Conversation
wsszh
requested review from
EItanya,
ilackarms,
iplay88keys,
jmhbh,
peterj,
supreme-gg-gg and
yuval-k
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
This PR aims to support UI deployments served over plain HTTP by adding a configurable ID generation helper and wiring a Helm value into the UI deployment environment.
Changes:
- Adds
generateId()inui/src/lib/utils.tsusing either nativecrypto.randomUUID()oruuid. - Replaces direct
crypto.randomUUID()usages in agent/prompt/sandbox form code. - Adds
ui.allowHttpHelm configuration and passes it asNEXT_PUBLIC_ALLOW_HTTP.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
ui/src/lib/utils.ts |
Adds shared ID generation utility. |
ui/src/lib/promptSourceRow.ts |
Uses shared ID generation for prompt source rows. |
ui/src/lib/openClawSandboxForm.ts |
Uses shared ID generation for sandbox channel rows. |
ui/src/components/prompts/FragmentEntriesEditor.tsx |
Uses shared ID generation for fragment row IDs. |
ui/src/app/agents/new/page.tsx |
Uses shared ID generation in agent form prompt source handling. |
helm/kagent/values.yaml |
Adds ui.allowHttp chart value. |
helm/kagent/templates/ui-deployment.yaml |
Adds NEXT_PUBLIC_ALLOW_HTTP env var to the UI container. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+41
to
+49
| * Generate a unique ID. Uses the native crypto.randomUUID() in Secure Contexts | ||
| * (HTTPS/localhost). For plain HTTP deployments, set NEXT_PUBLIC_ALLOW_HTTP=true | ||
| * in the Helm values to use the uuid package fallback (crypto.getRandomValues). | ||
| */ | ||
| export function generateId(): string { | ||
| if (process.env.NEXT_PUBLIC_ALLOW_HTTP === "true") { | ||
| return uuidv4(); | ||
| } | ||
| return crypto.randomUUID(); |
…deployments crypto.randomUUID() requires a Secure Context (HTTPS or localhost). Deployments served over plain HTTP crash on /agents/new with "Uncaught TypeError: crypto.randomUUID is not a function". Add a generateId() utility that detects crypto.randomUUID availability at runtime and falls back to the uuid package (already a dependency) when unavailable. Replace all 8 crypto.randomUUID() call sites. Signed-off-by: wsszh <wsszh@users.noreply.github.com> Signed-off-by: sup <sup@supdeMacBook-Pro.local>
wsszh
force-pushed
the
fix/allow-http-uuid-fallback
branch
from
d81a4b7 to
f353b84
Compare
wsszh
changed the title
github-actions
Bot
added
bug
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
crypto.randomUUID()which requires a Secure Context (HTTPS or localhost). Deployments served over plain HTTP crash on/agents/newwithUncaught TypeError: crypto.randomUUID is not a function.generateId()utility inui/src/lib/utils.tsthat detectscrypto.randomUUIDavailability at runtime and falls back to theuuidpackage (already a dependency, v14) when unavailable.crypto.randomUUID()call sites across 4 source files.Changes
ui/src/lib/utils.tsgenerateId()with runtime feature detectionui/src/lib/promptSourceRow.tscrypto.randomUUID()→generateId()ui/src/lib/openClawSandboxForm.tscrypto.randomUUID()→generateId()ui/src/components/prompts/FragmentEntriesEditor.tsxcrypto.randomUUID()→generateId()ui/src/app/agents/new/page.tsxcrypto.randomUUID()→generateId()Context
crypto.randomUUID()is a Web Crypto API gated behind Secure Context. Any deployment accessed viahttp://(common in internal/dev clusters without TLS termination) crashes when rendering the agent creation form. Theuuidnpm package (v14, already inpackage.json) usescrypto.getRandomValues()which works in all contexts.The fix uses runtime feature detection (
typeof crypto.randomUUID === "function") rather than a build-time env var, so it works with the pre-built Docker image regardless of deployment configuration.ui/public/mockServiceWorker.jsalso callscrypto.randomUUID()but is auto-generated by MSW and runs in a Service Worker context (always secure), so it is not modified.Test plan
cd ui && npm run buildpassescd ui && npm run lintpasses/agents/new→ "Skip wizard" → form loads without crashcrypto.randomUUID()grep -r 'crypto.randomUUID' ui/src/returns onlyutils.tsfeature-detection branch (andmockServiceWorker.js)