So, I just noticed that when users enter an app through the raw.ic0.app URL versus the ic0.app URL, they’re given a whole a separate principal. This results in different data being rendered. Is there any way to have the raw.ic0.app Version redirect the user to the ic0.app Version?
As with any other website, the Host header tells you what domain was requested. We already do this in the certified assets crate/canister:
2 Likes
Are you talking about Internet Identity?
If that’s the case, indeed the principal will change depending on the origin initiating the authentication, meaning if you’ll get a different principal depending on whether you’re coming from foo.raw.ic0.app or foo.ic0.app. This is made clear in the II integration doc but I know some apps did struggle with this in the early days and now pretty much all implemented some sort of redirect.
1 Like
Would you be able to provide a link to a code reference?
The Internet Identity webapp gets the event from the dapp trying to authenticate and calls handleAuthRequest, forwarding the event.origin (i.e. foo.{raw.}ic0.app): internet-identity/auth.ts at df3a0ec0f8594a8a885f843b50b67bb410bf5df5 · dfinity/internet-identity · GitHub
The handleAuthRequest will then make a call to the canister to get the principal: internet-identity/fetchDelegation.ts at df3a0ec0f8594a8a885f843b50b67bb410bf5df5 · dfinity/internet-identity · GitHub internet-identity/iiConnection.ts at df3a0ec0f8594a8a885f843b50b67bb410bf5df5 · dfinity/internet-identity · GitHub
And the canister will basically hash the anchor (“user number” in code) with the origin/hostname: internet-identity/main.rs at df3a0ec0f8594a8a885f843b50b67bb410bf5df5 · dfinity/internet-identity · GitHub internet-identity/main.rs at df3a0ec0f8594a8a885f843b50b67bb410bf5df5 · dfinity/internet-identity · GitHub
Hope this helps!