Summary
The Web Endpoint create form (both Vue at ui/src/components/WebEndpoints/WebEndpointCreate.vue and React at ui-react/apps/console/src/pages/WebEndpoints.tsx) hides the Domain text field unless the Enable TLS toggle is on. The submit payload also only includes the tls object when tls.enabled === true, so tls.domain cannot be sent without also enabling TLS.
After #6321 the backend treats tls.domain as a Host override even when tls.enabled is false, which is exactly the configuration users need when their service is plain HTTP but validates Host or redirects to a canonical hostname (very common). The UI currently makes that combination unreachable.
Beyond the gating issue, the Domain label has been an active source of confusion: users read it as the public URL of the endpoint and fill it with their internal canonical hostname.
What needs to change
In both UI implementations:
- Show the hostname text field regardless of the TLS toggle state.
- Always include
tls.domain (and tls.verify) in the create payload when the user provided either of them or enabled TLS. tls.enabled continues to be controlled by its own toggle.
- Rename the field to something that does not read as "public URL".
Service hostname works and aligns with the surrounding copy.
- Update labels and hints so the dual role is clear:
- "Service on the device uses HTTPS" toggle: controls whether the proxy completes a TLS handshake to the service. The public-facing URL scheme is controlled by the gateway, not by this toggle.
- "Service hostname" field: optional. When set, used as the
Host header sent to the service and (if TLS is on) as the SNI for the handshake.
Files
ui/src/components/WebEndpoints/WebEndpointCreate.vue (Vue):
v-show="tlsEnabled" around the field needs to be removed.- Validation in
useField should not be gated on tlsEnabled.
- In
addWebEndpoint, always include tls in the payload when the user provided anything.
ui-react/apps/console/src/pages/WebEndpoints.tsx (React):
{tlsEnabled && ( block around the input needs to be removed.tls object in the create payload should always include domain when non-empty.
Related
Summary
The Web Endpoint create form (both Vue at
ui/src/components/WebEndpoints/WebEndpointCreate.vueand React atui-react/apps/console/src/pages/WebEndpoints.tsx) hides theDomaintext field unless theEnable TLStoggle is on. The submit payload also only includes thetlsobject whentls.enabled === true, sotls.domaincannot be sent without also enabling TLS.After #6321 the backend treats
tls.domainas aHostoverride even whentls.enabledisfalse, which is exactly the configuration users need when their service is plain HTTP but validatesHostor redirects to a canonical hostname (very common). The UI currently makes that combination unreachable.Beyond the gating issue, the
Domainlabel has been an active source of confusion: users read it as the public URL of the endpoint and fill it with their internal canonical hostname.What needs to change
In both UI implementations:
tls.domain(andtls.verify) in the create payload when the user provided either of them or enabled TLS.tls.enabledcontinues to be controlled by its own toggle.Service hostnameworks and aligns with the surrounding copy.Hostheader sent to the service and (if TLS is on) as the SNI for the handshake.Files
ui/src/components/WebEndpoints/WebEndpointCreate.vue(Vue):v-show="tlsEnabled"around the field needs to be removed.useFieldshould not be gated ontlsEnabled.addWebEndpoint, always includetlsin the payload when the user provided anything.ui-react/apps/console/src/pages/WebEndpoints.tsx(React):{tlsEnabled && (block around the input needs to be removed.tlsobject in the create payload should always includedomainwhen non-empty.Related