DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add CORS template check inside location for externalAuth.SignURL (#8814)

Browse source 
* Add CORS template check inside location for externalAuth.SignURL

* Add testcase for CORS header for auth-signin redirect with CORS enabled.
This commit is contained in:
Harpreet singh 2023-01-19 22:58:36 +08:00 committed by GitHub
parent 8c4cd879e3
commit d1af3b5cca
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 49 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
rootfs/etc/nginx/template/nginx.tmpl
View file

@ -1180,6 +1180,10 @@ stream {
add_header Set-Cookie $auth_cookie;
{{ if $location.CorsConfig.CorsEnabled }}
{{ template "CORS" $location }}
{{ end }}
# Ensure that modsecurity will not run on an internal location as this is not accessible from outside
{{ if $all.Cfg.EnableModsecurity }}
modsecurity off;