Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

blah.supabase.co/rest/v1 request failing

See original GitHub issue

Bug report

Describe the bug

Both on the Supabase dashboard (app.supabase.com) and our apps, requests to instance-id.supabase.co/rest/v1 are failing.

This is happening on both Supabase organizations I am a part of.

To Reproduce

Attempt to send any request to `instance-id.supabase.co/rest/v1.

Expected behavior

I expect requests to the supabase postgrest instance to be successful.

Screenshots

If applicable, add screenshots to help explain your problem.

System information

OS: MacOS
Browser (if applies) Firefox

Additional context

Issue Analytics

State:
Created 2 years ago
Reactions:3
Comments:28 (9 by maintainers)

Top GitHub Comments

25reactions

iniancommented, Jul 24, 2021

Another update - Supabase domains have been accepted into the Public Suffix List. Over the next few days, we will be offering an alternate domain for affected users. Everyone affected please reach out to beta@supabase.io referencing this issue and I will set you up the alternate domain right away.

15reactions

kiwicopplecommented, Jun 28, 2021

Hi all, the investigation is still ongoing but we have some updates. This was caused by user who signed up to host malicious content on Supabase storage. We took down the content within an hour and blocked the account - it looks like they were a very new GitHub account created specifically for this

We worked closely with our contact at Google to clear the subdomain: https://transparencyreport.google.com/safe-browsing/search?url=supabase.co

We are taking steps to mitigate this:

We are adding supabase.co to the Public Suffix List which would indicate any site under supabase.co are to be treated as separate websites
We are limiting Storage Hosting to a small subset of content types (we will even block HTML hosting until we are certain we can manage malicious actors at scale)
We will implement support for custom domains so that you are not impacted by other users on the platform
We’ve setup an abuse@supabase.io email to receive notifications when we receive abuse reports from upstream providers
We will block suspicious Github accounts from creating new projects until they have been reviewed by a team member

Top Results From Across the Web

Initializing - Supabase

You can initialize a new Supabase client using the createClient() method. The Supabase client is your entrypoint to the rest of the Supabase...

Application error: a client-side exception has occurred

Supabase.comDashboard. Javascript Reference v2.0. Application error: a client-side exception has occurred (see the browser console for more information).

Serverless APIs - Supabase

Let's see how to make a request to the todos table which we created in the first step, using the API URL (...

pg_graphql v1.0 - Supabase

For example, if any part of a multi-mutation GraphQL request fails, the entire request can roll back to leave the database in a...

Part Two: Row Level Security | Supabase

Supabase Auth Deep Dive Part Two - Row Level Security. ... You'll notice that both reading and writing now fail with an error...