Disabling the masterkey IP filter doesn't work #8872
Comments
Thanks for opening this issue!
|
|
In your description that you are using |
It worked @mtrezza, thanks |
|
Issue resolved |
|
It seems it is not solved completely, we are still facing this problem!! even with using this config
|
|
You commented previously that it worked. Why does it not work now? We'd need a more detailed description of what has changed to investigate this further. |
I had removed the using master key by mistake so it didn't return error, but as soon as I added it, it started returning MasterKeyIps error. |
|
Could you post step-by-step instructions on how to replicate what you are seeing, including the complete Parse Server config (excl. sensitive data like DB URL) and the IP of the server instance on which you are running, plus the DNS resolution config of your Node.js environment and using debugging, where in code this fails? We have investigated this extensively in the past and others were reporting that it works after an explanation of how IP ranges work. So to investigate this, the fastest way would simply be you setting a breakpoint in code where the IP addresses is checked to find out what is failing. |
For the IP of the server instance is running: It is running on Heroku so it does not have a static IP address. Our code fails whenever we call a Job or call a cloud function the master key is used. This is where we get error in the code: This is our Parse server config: var config = {
databaseURI: databaseUri || "mongodb://localhost:27017/dev",
cloud: process.env.CLOUD_CODE_MAIN || __dirname + "/cloud/main.js",
appId: process.env.APP_ID || "********************",
publicServerURL:
process.env.PUBLIC_SERVER_URL || "http://localhost:1337/parse",
masterKey: process.env.MASTER_KEY || "********************", //Add your master key here. Keep it secret!
serverURL: process.env.SERVER_URL || "http://localhost:1337/parse", // Don't forget to change to https if needed
liveQuery: {
classNames: [], // List of classes to support for query subscriptions
redisURL: process.env.REDISCLOUD_URL || process.env.REDIS_URL
},
filesAdapter: azureAdapter,
allowClientClassCreation: false,
allowCustomObjectId: false,
cacheAdapter: redisCache,
enableAnonymousUsers: false,
jsonLogs: true,
maxLimit: 150,
verbose: process.env.NODE_ENV == 'dev' ? 1 : 0,
silent: process.env.NODE_ENV == 'dev' ? 0 : 1,
maxUploadSize: "150mb",
restAPIKey: process.env.REST_API_KEY || "********************",
javascriptKey:
process.env.JAVASCRIPT_KEY || "********************",
revokeSessionOnPasswordReset: true,
protectedFields: {},
masterKeyIPs: ['0.0.0.0/0', '::/0']
};``` |
|
|
@mtrezza I edited Parse Server and with printing masterKeyIps I found that the problem was incorrect spelling of |
|
Great, so we can close this issue? It may be a good feature to log a warning in case of a unknown option to prevent this. Could you open a new quick issue for this, so we can track this as a feature suggestion? |
thank you. it work now. |
New Issue Checklist
Issue Description
According to issue #8421 , I tried to disable IP filter manually by using
masterKeyIPs: ['0.0.0.0/0', '::0'], however, as someone else mentioned in the #8421 , it is not working and it returns unauthorized errorParseError: unauthorized at handleError (/app/node_modules/parse/lib/node/RESTController.js:298:17) at process.processTicksAndRejections (node:internal/process/task_queues:95:5) at async Object.startJob (/app/node_modules/parse/lib/node/Cloud.js:140:22) { code: undefined }Steps to reproduce
Set the
masterKeyIPs: ['0.0.0.0/0', '::0']Actual Outcome
ParseError: unauthorized at handleError (/app/node_modules/parse/lib/node/RESTController.js:298:17) at process.processTicksAndRejections (node:internal/process/task_queues:95:5) at async Object.startJob (/app/node_modules/parse/lib/node/Cloud.js:140:22) { code: undefined }Expected Outcome
Expected disable the masterkey IP
Server
6.4.0Database
MongoDBClient
JavaScript4.3.1The text was updated successfully, but these errors were encountered: