jazzymc/homarr
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix(auth): oidc redirect does not respect https protocol (#1763)

Browse Source
This commit is contained in:
Meier Lukas
2024-12-24 14:15:34 +01:00
committed by GitHub
parent e220087e96
commit 0336803550
5 changed files with 20 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
packages/common/src/url.ts
View File

@@ -4,8 +4,16 @@ export const removeTrailingSlash = (path: string) => {
return path.at(-1) === "/" ? path.substring(0, path.length - 1) : path;
};
export const extractBaseUrlFromHeaders = (headers: ReadonlyHeaders): `${string}://${string}` => {
let protocol = headers.get("x-forwarded-proto") ?? "http";
export const extractBaseUrlFromHeaders = (
headers: ReadonlyHeaders,
fallbackProtocol: "http" | "https" = "http",
): `${string}://${string}` => {
let protocol = headers.get("x-forwarded-proto");
// If the protocol is not set or an empty string
if (!protocol) {
protocol = fallbackProtocol;
}
// @see https://support.glitch.com/t/x-forwarded-proto-contains-multiple-protocols/17219
if (protocol.includes(",")) {