providers/proxy: fix redis cookies missing strict path (#7135)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
parent
bc595a9724
commit
dd7d3bf738
|
@ -50,6 +50,7 @@ func (a *Application) getStore(p api.ProxyOutpostConfig, externalHost *url.URL)
|
||||||
Domain: *p.CookieDomain,
|
Domain: *p.CookieDomain,
|
||||||
SameSite: http.SameSiteLaxMode,
|
SameSite: http.SameSiteLaxMode,
|
||||||
MaxAge: maxAge,
|
MaxAge: maxAge,
|
||||||
|
Path: externalHost.Path,
|
||||||
})
|
})
|
||||||
|
|
||||||
a.log.Trace("using redis session backend")
|
a.log.Trace("using redis session backend")
|
||||||
|
@ -66,11 +67,11 @@ func (a *Application) getStore(p api.ProxyOutpostConfig, externalHost *url.URL)
|
||||||
// Note, when using the FilesystemStore only the session.ID is written to a browser cookie, so this is explicit for the storage on disk
|
// Note, when using the FilesystemStore only the session.ID is written to a browser cookie, so this is explicit for the storage on disk
|
||||||
cs.MaxLength(math.MaxInt)
|
cs.MaxLength(math.MaxInt)
|
||||||
cs.Options.HttpOnly = true
|
cs.Options.HttpOnly = true
|
||||||
if strings.ToLower(externalHost.Scheme) == "https" {
|
cs.Options.Secure = strings.ToLower(externalHost.Scheme) == "https"
|
||||||
cs.Options.Secure = true
|
|
||||||
}
|
|
||||||
cs.Options.Domain = *p.CookieDomain
|
cs.Options.Domain = *p.CookieDomain
|
||||||
cs.Options.SameSite = http.SameSiteLaxMode
|
cs.Options.SameSite = http.SameSiteLaxMode
|
||||||
|
cs.Options.MaxAge = maxAge
|
||||||
|
cs.Options.Path = externalHost.Path
|
||||||
a.log.WithField("dir", dir).Trace("using filesystem session backend")
|
a.log.WithField("dir", dir).Trace("using filesystem session backend")
|
||||||
return cs
|
return cs
|
||||||
}
|
}
|
||||||
|
|
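Review bot: `externalHost.Path` is passed through unchanged in both new assignments (the `Path:` field of the redis store options and `cs.Options.Path` in the filesystem branch), and it is an empty string when the external host URL has no path component. With an empty Path, Go's net/http leaves the attribute off the Set-Cookie header and the browser falls back to a default path derived from the request URL, so the session cookie may end up scoped to whichever sub-path first issued it; in the filesystem branch the assignment also overwrites whatever default path the store was created with. Consider normalizing once and using the result in both places, for example `path := externalHost.Path; if path == "" { path = "/" }`. getStore begins outside these hunks, so any earlier normalization of externalHost is not visible here and should be confirmed. A comment next to the assignment noting that cookie Path only narrows where the browser sends the cookie, and does not isolate applications sharing one origin, would also help the next reader.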