Fix permitted url checker
This commit is contained in:
parent
5ff4726f43
commit
681357759e
|
@ -12,7 +12,7 @@ public class CookieProxyController : Controller {
|
|||
[Route("/api/cookieproxy_stage_one")]
|
||||
public IActionResult StageOne([FromQuery] string tgt) {
|
||||
// Check if we are on the correct domain
|
||||
if (Request.Host.Host != $"{Vars.AuthProxySubdomain}.{Vars.UpstreamPrimaryDomain}")
|
||||
if (Request.Host.Host != $"{Vars.AuthProxySubdomain}.{Vars.UpstreamPrimaryDomain}" && Vars.PermittedDomains.All(p => Request.Host.Host != $"{Vars.AuthProxySubdomain}.{p}"))
|
||||
return StatusCode(StatusCodes.Status421MisdirectedRequest);
|
||||
|
||||
var dstDomain = AuthHelpers.GetRootDomain(tgt);
|
||||
|
|
Loading…
Reference in a new issue