From 627cd44d14f6f869570f9338e628984ea2d8edb0 Mon Sep 17 00:00:00 2001
From: Laura Hausmann
Date: Tue, 28 Mar 2023 23:13:10 +0200
Subject: [PATCH] Fix hardened security checks
---
 Controllers/CookieProxyController.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Controllers/CookieProxyController.cs b/Controllers/CookieProxyController.cs
index 446f782..3779327 100644
--- a/Controllers/CookieProxyController.cs
+++ b/Controllers/CookieProxyController.cs
@@ -12,7 +12,7 @@ public class CookieProxyController : Controller {
 [Route("/api/cookieproxy_stage_one")]
 public IActionResult StageOne([FromQuery] string dstDomain, [FromQuery] string tgt) {
 // Check if we are on the correct domain
- if (Request.Host.Host != Vars.AuthProxySubdomain + Vars.UpstreamPrimaryDomain)
+ if (Request.Host.Host != Vars.AuthProxySubdomain + "." + Vars.UpstreamPrimaryDomain)
 return StatusCode(StatusCodes.Status421MisdirectedRequest);
 if (!Request.Cookies.ContainsKey("authelia_session")
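Review bot: The corrected guard in StageOne still compares `Request.Host.Host` with `!=`, an ordinal, case-sensitive match on a client-supplied header, so a Host value that differs only in letter case gets a 421 even though DNS names are case-insensitive. Consider `if (!string.Equals(Request.Host.Host, Vars.AuthProxySubdomain + "." + Vars.UpstreamPrimaryDomain, StringComparison.OrdinalIgnoreCase))`. The expected host is assembled inline, so any other check that builds the same name (none is visible in this hunk) can repeat the missing-dot mistake; building it once in `Vars` would avoid that. The check fails closed, but it is only as trustworthy as the Host validation done in front of the app (reverse proxy or allowed-hosts configuration), which this hunk does not show. StageOne's body continues past the end of the hunk.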