barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-06-23 11:50:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: remove port from cookie domain

Browse Source
This commit is contained in:
Stavros
2026-06-21 17:32:36 +03:00
parent a4f9c897a6
commit e53cbf414d
3 changed files with 9 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/controller/oauth_controller.go
+6 -1
View File
@@ -335,6 +335,11 @@ func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
return false
}
if u.Port() != au.Port() {
controller.log.App.Warn().Str("redirectUri", redirectURI).Str("appUrl", controller.runtime.AppURL).Msg("Redirect URI port does not match app URL port")
return false
}
if strings.EqualFold(u.Host, au.Host) {
return true
}
@@ -343,7 +348,7 @@ func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
return false
}
if strings.HasSuffix(strings.ToLower(u.Host), "."+strings.ToLower(controller.runtime.CookieDomain)) {
if strings.HasSuffix(strings.ToLower(u.Hostname()), "."+strings.ToLower(controller.runtime.CookieDomain)) {
return true
}