Fix hardened security checks
parent
b280eeba23
commit
627cd44d14
|
@ -12,7 +12,7 @@ public class CookieProxyController : Controller {
|
||||||
[Route("/api/cookieproxy_stage_one")]
|
[Route("/api/cookieproxy_stage_one")]
|
||||||
public IActionResult StageOne([FromQuery] string dstDomain, [FromQuery] string tgt) {
|
public IActionResult StageOne([FromQuery] string dstDomain, [FromQuery] string tgt) {
|
||||||
// Check if we are on the correct domain
|
// Check if we are on the correct domain
|
||||||
if (Request.Host.Host != Vars.AuthProxySubdomain + Vars.UpstreamPrimaryDomain)
|
if (Request.Host.Host != Vars.AuthProxySubdomain + "." + Vars.UpstreamPrimaryDomain)
|
||||||
return StatusCode(StatusCodes.Status421MisdirectedRequest);
|
return StatusCode(StatusCodes.Status421MisdirectedRequest);
|
||||||
|
|
||||||
if (!Request.Cookies.ContainsKey("authelia_session")
|
if (!Request.Cookies.ContainsKey("authelia_session")
|
||||||
|
|
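Review bot: The host check in StageOne compares `Request.Host.Host` with `!=`, which is a case-sensitive ordinal comparison, while host names are case-insensitive, so a request whose Host header differs only in case may be answered with 421. That fails closed, but the intent is clearer and sturdier as `if (!string.Equals(Request.Host.Host, $"{Vars.AuthProxySubdomain}.{Vars.UpstreamPrimaryDomain}", StringComparison.OrdinalIgnoreCase))`. Because the missing `"."` separator went unnoticed until this commit, a test that pins the expected host string built from `Vars` would catch the same kind of regression. StageOne continues past the hunk, so it is not visible here whether `dstDomain` and `tgt` are checked against an allowlist before the `authelia_session` cookie is used; that should be confirmed.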