YunoHost-Apps/reverseproxy_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/reverseproxy_ynh.git synced 2024-09-03 20:16:23 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #20 from YunoHost-Apps/fix-proxy-ssowat

Browse source 
[fix] Avoid remote unencrypted destination in proxy mode
This commit is contained in:
ljf (zamentur) 2020-06-26 13:38:46 +02:00 committed by GitHub
commit 78ebeba157
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
scripts/install
View file

@ -53,6 +53,12 @@ url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=
[[ ! $redirect_path =~ $url_regex ]] && ynh_die \
"Invalid destination: $redirect_path" 1
# Avoid uncrypted remote destination with reverse proxy mode
# Indeed the SSO send the password in all requests in HTTP headers
url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)?(/.*)?$'
[[ "$redirect_type" = "proxy" ]] && [[ ! $redirect_path =~ $url_regex ]] && ynh_die \
"For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $redirect_path" 1
# Save extra settings
yunohost app setting $app is_public -v "$is_public"
yunohost app setting $app redirect_type -v "$redirect_type"