Skip to content

GitLab

P
paas2-auth-sidecar
Commit 8023b2d5 authored by Olav Morken's avatar Olav Morken
Browse files
Options

Fix secure cookie set for http requests.

parent 66eea123
Pipeline #1664 passed with stage
    in 2 minutes and 56 seconds
    Hide whitespace changes
    Inline Side-by-side
    Showing with 11 additions and 1 deletion
    lua/callback.lua
    View file @ 8023b2d5
    local headers = ngx.req.get_headers()
    local scheme = headers["x-forwarded-proto"]
    if not scheme then
    scheme = ngx.var.scheme
    end
    local secure_flag = 'Secure; '
    if scheme == 'http' then
    secure_flag = ''
    end
    ngx.req.read_body()
    local args, err = ngx.req.get_post_args()
    if not args then
    ......@@ -8,5 +18,5 @@ end
    local session = args['SessionId']
    local returnTo = args['ReturnTo']
    ngx.header['Set-Cookie'] = 'session=' .. session ..'; path=/; Secure; HttpOnly;'
    ngx.header['Set-Cookie'] = 'session=' .. session ..'; path=/; ' .. secure_flag .. 'HttpOnly;'
    return ngx.redirect(returnTo)
    Markdown is supported
    0% or .
    You are about to add 0 people to the discussion. Proceed with caution.
    Finish editing this message first!
    Please register or to comment