[PR #4888] [MERGED] fix(desktop): fix missing ca certs when client certs are not present #4979

New issue

Closed

opened 2026-03-17 02:28:07 +03:00 by kerem · 0 comments

kerem commented

2026-03-17 02:28:07 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/hoppscotch/hoppscotch/pull/4888
Author: @CuriousCorrelation
Created: 3/14/2025
Status: ✅ Merged
Merged: 3/19/2025
Merged by: @jamesgeorge007

Base: patch ← Head: fix/desktop-native-interceptor-domain-settings

📝 Commits (1)

cb16ab6 fix(desktop): avoid flatmap early exit bind

📊 Changes

1 file changed (+22 additions, -24 deletions)

View changed files

📝 packages/hoppscotch-common/src/helpers/functional/domain-settings.ts (+22 -24)

📄 Description

This PR fixes essentially an && op on certs domain settings to ||.

Before	After

Notes to reviewer

Before the fix

When you set CA certificates for Native interceptor in the domain settings section

Step 1	Step 2	Step 3
Set CA certificates	Remove any client certificates	Try sending a request to untrusted server (which would be trusted by the CA cert). Notice CA cert is missing from `security` object

You'll see the server is still untrusted (error about self-signed certs).

Now if you were to add client certificates (related or unrelated, doesn't matter)

Step 1	Step 2	Step 3
Set CA certificates	Add any client certificates	Try sending a request to untrusted server (which would be trusted by the CA cert), it will succeed. Notice `security` object correctly populated

After the fix

What we should see is the un-trusted server being trusted by the CA certs (no error message about self-signed certs) and the server returning successful response with a message saying perhaps the client certs are missing:

Step 1	Step 2	Step 3
Set CA certificates	Remove any client certificates	Try sending a request to untrusted server (which would be trusted by the CA cert), successful response with request for client certs

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/hoppscotch/hoppscotch/pull/4888 **Author:** [@CuriousCorrelation](https://github.com/CuriousCorrelation) **Created:** 3/14/2025 **Status:** ✅ Merged **Merged:** 3/19/2025 **Merged by:** [@jamesgeorge007](https://github.com/jamesgeorge007) **Base:** `patch` ← **Head:** `fix/desktop-native-interceptor-domain-settings` --- ### 📝 Commits (1) - [`cb16ab6`](https://github.com/hoppscotch/hoppscotch/commit/cb16ab6db010c8b654fbca003233a330c6d85f67) fix(desktop): avoid flatmap early exit bind ### 📊 Changes **1 file changed** (+22 additions, -24 deletions) <details> <summary>View changed files</summary> 📝 `packages/hoppscotch-common/src/helpers/functional/domain-settings.ts` (+22 -24) </details> ### 📄 Description This PR fixes essentially an `&&` op on certs domain settings to `||`. | Before | After | | ------ | ------| | ![Before](https://github.com/user-attachments/assets/61e2a130-fd96-4430-84bf-16db5da9c401) | ![After](https://github.com/user-attachments/assets/0e48b8c8-4214-4218-a991-c2882b5becd4) | ### Notes to reviewer #### Before the fix When you set CA certificates for `Native` interceptor in the domain settings section | Step 1 | Step 2 | Step 3 | | ------ | ------ | ------ | | Set CA certificates | Remove any client certificates | Try sending a request to untrusted server (which would be trusted by the CA cert). Notice CA cert is missing from `security` object | | ![CA Certs](https://github.com/user-attachments/assets/d869e211-b14f-4ad5-87b3-8e67c2a287b2) | ![Client Certs Empty](https://github.com/user-attachments/assets/68e2fb89-6430-4a8f-8564-03f84a651f87) | ![Before](https://github.com/user-attachments/assets/61e2a130-fd96-4430-84bf-16db5da9c401) | You'll see the server is still untrusted (error about self-signed certs). Now if you were to add client certificates (related or unrelated, doesn't matter) | Step 1 | Step 2 | Step 3 | | ------ | ------ | ------ | | Set CA certificates | Add any client certificates | Try sending a request to untrusted server (which would be trusted by the CA cert), it will succeed. Notice `security` object correctly populated | | ![CA Certs](https://github.com/user-attachments/assets/d869e211-b14f-4ad5-87b3-8e67c2a287b2) | ![Added Client Certs](https://github.com/user-attachments/assets/927c5c2a-cba7-4080-86e8-41f22cb90abe) | ![Success](https://github.com/user-attachments/assets/9e47dfdf-1d68-428d-897f-66b4143ffa48) | #### After the fix What we should see is the un-trusted server being trusted by the CA certs (no error message about self-signed certs) and the server returning successful response with a message saying perhaps the client certs are missing: | Step 1 | Step 2 | Step 3 | | ------ | ------ | ------ | | Set CA certificates | Remove any client certificates | Try sending a request to untrusted server (which would be trusted by the CA cert), successful response with request for client certs | | ![CA Certs](https://github.com/user-attachments/assets/d869e211-b14f-4ad5-87b3-8e67c2a287b2) | ![Client Certs Empty](https://github.com/user-attachments/assets/68e2fb89-6430-4a8f-8564-03f84a651f87) | ![After](https://github.com/user-attachments/assets/0e48b8c8-4214-4218-a991-c2882b5becd4) | --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>