pkg/middleware · 1a810ebfe4c0b1dc5d838c9581846b96a7dba687 · Kornkitt Poolsup / nexpie-grafana-theme

Security: refactor 'redirect_to' cookie to use 'Secure' flag (#19787) · c5f906f4

* Refactor redirect_to cookie with secure flag in middleware

* Refactor redirect_to cookie with secure flag in api/login

* Refactor redirect_to cookie with secure flag in api/login_oauth

* Removed the deletion of 'Set-Cookie' header to prevent logout

* Removed the deletion of 'Set-Cookie' at top of api/login.go

* Add HttpOnly flag on redirect_to cookies where missing

* Refactor duplicated code

* Add tests

* Refactor cookie options

* Replace local function for deleting cookie

* Delete redundant calls

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>

committed Jan 10, 2020

c5f906f4

Name	Last commit	Last Update
..
auth_proxy		Loading commit data...
auth.go		Loading commit data...
auth_proxy.go		Loading commit data...
auth_test.go		Loading commit data...
cookie.go		Loading commit data...
dashboard_redirect.go		Loading commit data...
dashboard_redirect_test.go		Loading commit data...
headers.go		Loading commit data...
logger.go		Loading commit data...
middleware.go		Loading commit data...
middleware_basic_auth_test.go		Loading commit data...
middleware_test.go		Loading commit data...
org_redirect.go		Loading commit data...
org_redirect_test.go		Loading commit data...
perf.go		Loading commit data...
quota.go		Loading commit data...
quota_test.go		Loading commit data...
recovery.go		Loading commit data...
recovery_test.go		Loading commit data...
render_auth.go		Loading commit data...
request_metrics.go		Loading commit data...
request_tracing.go		Loading commit data...
testing.go		Loading commit data...
util.go		Loading commit data...
validate_host.go		Loading commit data...