Balena public device url CSRF

kworz · May 29, 2024, 4:24pm

Hey everyone,

I’m using a Sveltekit app which is served behind a nginx reverse-proxy, this reverse proxy can be accessed with the balena public URL.

On the device i serve this proxy on a webkit frontend so there is no issues in this way, but when using the balena remote url, i have some CSRF issues with form actions.

Is there any piece of information about the Balena remote url that could help me ?
Im looking for headers specifications for example or how is routed trafic from the url to the machine?

thank you

mpous · May 30, 2024, 11:34am

Hello @kworz

I have a first question. For you balena remote url means balena public URL?

The traffic is routed through a VPN proxy that we use called Cloudlink. You can read some more information in our docs here.

Could you please share what exactly would you need to use on the top of the balena public device URL?

Topic		Replies	Views
How to enable Public URL via cURL Product support	1	499	June 10, 2019
Using Public URL to access webpages on local network Product support	26	942	August 20, 2021
Error with public device URL Product support raspberrypi3	1	522	October 6, 2020
Expose port other than 80 to device public URL Product support	6	1595	October 15, 2020
Problem accessing device via public URL. Product support	4	496	June 12, 2020

Balena public device url CSRF

Related topics