Fix permitted url checker
This commit is contained in:
parent
5ff4726f43
commit
681357759e
|
@ -12,7 +12,7 @@ public class CookieProxyController : Controller {
|
||||||
[Route("/api/cookieproxy_stage_one")]
|
[Route("/api/cookieproxy_stage_one")]
|
||||||
public IActionResult StageOne([FromQuery] string tgt) {
|
public IActionResult StageOne([FromQuery] string tgt) {
|
||||||
// Check if we are on the correct domain
|
// Check if we are on the correct domain
|
||||||
if (Request.Host.Host != $"{Vars.AuthProxySubdomain}.{Vars.UpstreamPrimaryDomain}")
|
if (Request.Host.Host != $"{Vars.AuthProxySubdomain}.{Vars.UpstreamPrimaryDomain}" && Vars.PermittedDomains.All(p => Request.Host.Host != $"{Vars.AuthProxySubdomain}.{p}"))
|
||||||
return StatusCode(StatusCodes.Status421MisdirectedRequest);
|
return StatusCode(StatusCodes.Status421MisdirectedRequest);
|
||||||
|
|
||||||
var dstDomain = AuthHelpers.GetRootDomain(tgt);
|
var dstDomain = AuthHelpers.GetRootDomain(tgt);
|
||||||
|
|
Loading…
Reference in a new issue