Feature: add support for serving from custom path

.dockerignore

@@ -10,5 +10,5 @@ docs/
 node_modules/
 release.sh
 snapshot.sh
-!docker/etc/nginx/conf.d/default.conf
+!docker/etc/nginx/templates/default.conf.template
 !docker/docker-entrypoint.d/*.sh

docker/Dockerfile.alpine

@@ -9,8 +9,8 @@ ENV TZ=Etc/UTC \
     LANG=C.UTF-8 \
     # Set default settings that may get overridden to empty values by
     # the entrypoint script, if not explicitly provided by the user
-    OIDC_SCOPE="openid profile email"
-
+    OIDC_SCOPE="openid profile email" \
+    BASE_HREF="/"
 USER root
 
 # Copy the static HTML and JS files to the application directory
@@ -29,10 +29,13 @@ RUN chown -R 101:0 ${APP_DIR} \
 # See https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/stable/alpine/Dockerfile#L139
 USER 101
 
+RUN mkdir /etc/nginx/templates
 # Setup entrypoint
-COPY --chown=101:0 ./docker/etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf
+COPY --chown=101:0 ./docker/etc/nginx/templates/default.conf.template /etc/nginx/templates/default.conf.template
+
 COPY --chmod=755 ./docker/docker-entrypoint.d/ /docker-entrypoint.d/
 
+
 # Specify the container working directory
 WORKDIR ${APP_DIR}
 
@@ -46,4 +49,4 @@ LABEL \
     org.opencontainers.image.source="https://github.com/DependencyTrack/frontend" \
     org.opencontainers.image.revision="${COMMIT_SHA}" \
     org.opencontainers.image.licenses="Apache-2.0" \
-    maintainer="steve.springett@owasp.org"
+    maintainer="steve.springett@owasp.org"

docker/docker-compose.yml

@@ -18,6 +18,7 @@ services:
       - dtrack-apiserver
     environment:
       - "API_BASE_URL=http://localhost:8081"
+      # - "BASE_HREF=/"
       # - "OIDC_ISSUER="
       # - "OIDC_CLIENT_ID="
       # - "OIDC_SCOPE="

docker/etc/nginx/conf.d/default.conf → docker/etc/nginx/templates/default.conf.template

@@ -6,11 +6,14 @@ server {
     root      /opt/owasp/dependency-track-frontend;
     index     index.html;
     try_files $uri $uri/ /index.html;
+
+    sub_filter '<base href=/'  '<base href=${BASE_HREF}';
+    sub_filter_once on;
   }
 
   error_page 500 502 503 504 /50x.html;
 
   location = /50x.html {
     root /usr/share/nginx/html;
   }
-}
+}

public/index.html

@@ -1,30 +1,38 @@
-<!DOCTYPE html>
+<!doctype html>
 <html>
   <head>
-    <meta charset="utf-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width,initial-scale=1.0">
+    <meta charset="utf-8" />
+    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+    <meta name="viewport" content="width=device-width,initial-scale=1.0" />
     <title>Dependency-Track</title>
+    <base href="/" />
   </head>
   <body class="sidebar-minimized">
     <noscript>
-      <strong>We're sorry but this app doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
+      <strong
+        >We're sorry but this app doesn't work properly without JavaScript
+        enabled. Please enable it to continue.</strong
+      >
     </noscript>
     <div id="app"></div>
     <script type="text/javascript">
-      (function() {
+      (function () {
         if (!sessionStorage.length) {
           // Ask other tabs for session storage
           localStorage.setItem('getSessionStorage', Date.now());
-        };
+        }
         window.addEventListener('storage', function (event) {
           if (event.key == 'getSessionStorage') {
             // Some tab asked for the sessionStorage -> send it
-            localStorage.setItem('sessionStorage', JSON.stringify(sessionStorage));
+            localStorage.setItem(
+              'sessionStorage',
+              JSON.stringify(sessionStorage),
+            );
             localStorage.removeItem('sessionStorage');
           } else if (event.key == 'sessionStorage' && !sessionStorage.length) {
             // sessionStorage is empty -> fill it
-            var data = JSON.parse(event.newValue), value;
+            var data = JSON.parse(event.newValue),
+              value;
             for (key in data) {
               sessionStorage.setItem(key, data[key]);
             }

public/static/oidc-callback.html

@@ -33,7 +33,7 @@
             }
         }
 
-        axios.get("/static/config.json")
+        axios.get("./config.json")
             .then((response) => {
                 let config = response.data;
 

src/views/pages/Login.vue

@@ -103,7 +103,7 @@ import { ValidationObserver } from 'vee-validate';
 import BValidatedInputGroupFormInput from '../../forms/BValidatedInputGroupFormInput';
 import InformationalModal from '../modals/InformationalModal';
 import EventBus from '../../shared/eventbus';
-import { getRedirectUrl } from '../../shared/utils';
+import { getRedirectUrl, getContextPath } from '../../shared/utils';
 const qs = require('querystring');
 
 export default {
@@ -125,7 +125,10 @@ export default {
         userStore: new Oidc.WebStorageStateStore(),
         authority: this.$oidc.ISSUER,
         client_id: this.$oidc.CLIENT_ID,
-        redirect_uri: `${window.location.origin}/static/oidc-callback.html`,
+        redirect_uri:
+          getContextPath() !== ''
+            ? `${window.location.origin}${getContextPath()}/static/oidc-callback.html`
+            : `${window.location.origin}/static/oidc-callback.html`,
         response_type:
           this.$oidc.FLOW === 'implicit' ? 'token id_token' : 'code',
         scope: this.$oidc.SCOPE,

vue.config.js

@@ -5,7 +5,7 @@ module.exports = {
   productionSourceMap: false,
   runtimeCompiler: true,
   // Relative paths cannot be supported. Research by @nscur0 - https://owasp.slack.com/archives/CTC03GX9S/p1608400149085400
-  publicPath: '/',
+  publicPath: '.',
   devServer: {
     proxy: { '/api': { target: process.env.VUE_APP_SERVER_URL } },
   },