Fix hardened security checks

2023-03-28 23:13:10 +02:00 · 2023-03-28 23:13:10 +02:00 · 627cd44d14
parent b280eeba23
commit 627cd44d14
1 changed files with 1 additions and 1 deletions
--- a/Controllers/CookieProxyController.cs
+++ b/Controllers/CookieProxyController.cs
@ -12,7 +12,7 @@ public class CookieProxyController : Controller {
 	[Route("/api/cookieproxy_stage_one")]
 	public IActionResult StageOne([FromQuery] string dstDomain, [FromQuery] string tgt) {
 		// Check if we are on the correct domain
-		if (Request.Host.Host != Vars.AuthProxySubdomain + Vars.UpstreamPrimaryDomain)
+		if (Request.Host.Host != Vars.AuthProxySubdomain + "." + Vars.UpstreamPrimaryDomain)
 			return StatusCode(StatusCodes.Status421MisdirectedRequest);
 		
 		if (!Request.Cookies.ContainsKey("authelia_session")