Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
ai
sso
Commits
69a97d06
Commit
69a97d06
authored
Nov 16, 2018
by
ale
Browse files
Properly set the CORS origin
Handles the case where the SSOLoginServer URL has a path component.
parent
72888c4b
Changes
1
Hide whitespace changes
Inline
Side-by-side
src/mod_sso/mod_sso.c
View file @
69a97d06
...
...
@@ -55,6 +55,7 @@ extern module AP_MODULE_DECLARE_DATA sso_module;
typedef
struct
{
const
char
*
login_server
;
const
char
*
login_server_origin
;
const
char
*
domain
;
const
char
*
service
;
...
...
@@ -100,6 +101,7 @@ static void *create_modsso_config(apr_pool_t *p, char *s) {
// Set default values.
newcfg
->
login_server
=
NULL
;
newcfg
->
login_server_origin
=
NULL
;
newcfg
->
service
=
NULL
;
newcfg
->
domain
=
NULL
;
newcfg
->
public_key
=
NULL
;
...
...
@@ -117,6 +119,8 @@ static void *merge_modsso_config(apr_pool_t *p, void *base, void *add) {
newcfg
->
login_server
=
cadd
->
login_server
?
cadd
->
login_server
:
cbase
->
login_server
;
newcfg
->
login_server_origin
=
cadd
->
login_server_origin
?
cadd
->
login_server_origin
:
cbase
->
login_server_origin
;
newcfg
->
service
=
cadd
->
service
?
cadd
->
service
:
cbase
->
service
;
newcfg
->
domain
=
cadd
->
domain
?
cadd
->
domain
:
cbase
->
domain
;
newcfg
->
public_key
=
cadd
->
public_key
?
cadd
->
public_key
:
cbase
->
public_key
;
...
...
@@ -131,7 +135,22 @@ static void *merge_modsso_config(apr_pool_t *p, void *base, void *add) {
static
const
char
*
set_modsso_login_server
(
cmd_parms
*
parms
,
void
*
mconfig
,
const
char
*
arg
)
{
modsso_config
*
s_cfg
=
(
modsso_config
*
)
mconfig
;
char
*
origin
,
*
p
;
// Ignore an eventual https:// prefix.
if
(
!
strncmp
(
arg
,
"https://"
,
8
))
{
arg
+=
8
;
}
s_cfg
->
login_server
=
arg
;
// The CORS Origin for the login server is obtained by stripping any
// path component from the URL.
origin
=
apr_pstrdup
(
parms
->
pool
,
arg
);
if
((
p
=
strchr
(
origin
,
'/'
))
!=
NULL
)
{
*
p
=
'\0'
;
}
s_cfg
->
login_server_origin
=
apr_pstrcat
(
parms
->
pool
,
"https://"
,
origin
,
NULL
);
return
NULL
;
}
...
...
@@ -398,9 +417,8 @@ static int mod_sso_method_handler(request_rec *r) {
ap_log_error
(
APLOG_MARK
,
APLOG_DEBUG
,
0
,
r
->
server
,
"sso: logout?
\"
%s
\"
\"
%s
\"
"
,
sso_logout_path
,
uri
);
if
(
!
strcmp
(
uri
,
sso_logout_path
))
{
char
*
login_server_origin
=
apr_pstrcat
(
r
->
pool
,
"https://"
,
s_cfg
->
login_server
,
NULL
);
modsso_del_cookie
(
r
,
sso_cookie_name
,
service_path
);
apr_table_setn
(
r
->
err_headers_out
,
"Access-Control-Allow-Origin"
,
login_server_origin
);
apr_table_setn
(
r
->
err_headers_out
,
"Access-Control-Allow-Origin"
,
s_cfg
->
login_server_origin
);
apr_table_setn
(
r
->
err_headers_out
,
"Access-Control-Allow-Credentials"
,
"true"
);
apr_table_setn
(
r
->
err_headers_out
,
"Cache-Control"
,
"no-cache"
);
return
http_sendstring
(
r
,
"OK"
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment