3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-02 08:19:23 +02:00
Code Issues Projects Releases Packages Wiki Activity

proxy: restrict programmatic URLs to localhost (#2049)

Browse source 
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
This commit is contained in:
Travis Groth 2021-04-01 10:04:49 -04:00 committed by GitHub
parent 0635c838c9
commit c7d243d742
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 822 additions and 126 deletions
Download patch file Download diff file Expand all files Collapse all files

3
proxy/state.go
View file

@ -33,6 +33,8 @@ type proxyState struct {
sessionStore sessions.SessionStore
sessionLoaders []sessions.SessionLoader
jwtClaimHeaders config.JWTClaimHeaders
programmaticRedirectDomainWhitelist []string
}
func newProxyStateFromConfig(cfg *config.Config) (*proxyState, error) {
@ -81,6 +83,7 @@ func newProxyStateFromConfig(cfg *config.Config) (*proxyState, error) {
header.NewStore(state.encoder, httputil.AuthorizationTypePomerium),
queryparam.NewStore(state.encoder, "pomerium_session"),
}
state.programmaticRedirectDomainWhitelist = cfg.Options.ProgrammaticRedirectDomainWhitelist
return state, nil
}