YunoHost/SSOwat
1
0
Fork 0
mirror of https://github.com/YunoHost/SSOwat.git synced 2024-09-03 20:06:27 +02:00
Code Issues Projects Releases Packages Wiki Activity

Scheme check is broken behind a reverse-proxy; same can be achieved with regular Nginx conf

Browse source
This commit is contained in:
Y 2017-09-17 17:41:30 +02:00
parent 61ca14a09a
commit d1c53a6e1b
2 changed files with 0 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
access.lua
View file

@ -69,12 +69,6 @@ then
-- `GET` method will serve a portal file -- `GET` method will serve a portal file
if ngx.var.request_method == "GET" then if ngx.var.request_method == "GET" then
-- Force portal scheme
if ngx.var.scheme ~= conf["portal_scheme"] then
ngx.log(ngx.DEBUG, "REDIRECT SCHEME ~= PORTAL_SCHEME: "..ngx.var.scheme)
return hlp.redirect(conf.portal_url)
end
-- Add a trailing `/` if not present -- Add a trailing `/` if not present
if ngx.var.uri.."/" == conf["portal_path"] then if ngx.var.uri.."/" == conf["portal_path"] then
ngx.log(ngx.DEBUG, "REDIRECT MISSING /") ngx.log(ngx.DEBUG, "REDIRECT MISSING /")

7
helpers.lua
View file

@ -324,13 +324,6 @@ end
-- Set the authentication headers in order to pass credentials to the -- Set the authentication headers in order to pass credentials to the
-- application underneath. -- application underneath.
function set_headers(user) function set_headers(user)
-- We definitely don't want to pass credentials on a non-encrypted
-- connection.
if ngx.var.scheme ~= "https" then
return redirect("https://"..ngx.var.host..ngx.var.uri..uri_args_string())
end
local user = user or authUser local user = user or authUser
-- If the password is not in cache or if the cache has expired, ask for -- If the password is not in cache or if the cache has expired, ask for