mirror of
https://github.com/DeBrosOfficial/orama.git
synced 2026-06-16 22:54:12 +00:00
a0a1decd06
handleNamespaceGatewayRequest rewrites r.Host to the backend target IP:port (e.g. "10.0.0.6:10004") before forwarding. The original public host (e.g. "ns-anchat-test.orama-devnet.network") is preserved in X-Forwarded-Host. checkWSOrigin in both pubsub/ws_client.go and serverless/ws_handler.go was comparing the client's Origin against the proxied r.Host only — so every browser / RN-iOS WS upgrade was rejected 403 because their Origin's public hostname can never match 10.0.0.6. curl probes don't send Origin, so curl returned true unconditionally and the bug was invisible to operator smoke tests. AnChat's iPhone WS clients hit `code=1006 reason="Received bad response code from server: 403"` for ~24h. Fix: prefer X-Forwarded-Host (the original public host) when present, fall back to r.Host for direct (non-proxied) connections. Applied identically to both WS handlers. Regression test in serverless/ws_origin_test.go covers the proxy-hop case, no-Origin case, and direct-connection case. This is the real fix; v0.122.19 only closed a separate silent-forward auth hole that produced opaque 401s on a different code path. VERSION bumped to 0.122.20.
Orama Network
A decentralized infrastructure platform combining distributed SQL, IPFS storage, caching, serverless WASM execution, and privacy relay — all managed through a unified API gateway.
Packages
| Package | Language | Description |
|---|---|---|
| core/ | Go | API gateway, distributed node, CLI, and client SDK |
| sdk/ | TypeScript | @debros/orama — JavaScript/TypeScript SDK (npm) |
| website/ | TypeScript | Marketing website and invest portal |
| vault/ | Zig | Distributed secrets vault (Shamir's Secret Sharing) |
| os/ | Go + Buildroot | OramaOS — hardened minimal Linux for network nodes |
Quick Start
# Build the core network binaries
make core-build
# Run tests
make core-test
# Start website dev server
make website-dev
# Build vault
make vault-build
Documentation
| Document | Description |
|---|---|
| Architecture | System architecture and design patterns |
| Deployment Guide | Deploy apps, databases, and domains |
| Dev & Deploy | Building, deploying to VPS, rolling upgrades |
| Security | Security hardening and threat model |
| Monitoring | Cluster health monitoring |
| Client SDK | Go SDK documentation |
| Serverless | WASM serverless functions |
| Common Problems | Troubleshooting known issues |
Contributing
See CONTRIBUTING.md for setup, development, and PR guidelines.