Skip to content

Commit

Permalink
set Path attribute in auth cookie to fix proxy auth in chrome
Browse files Browse the repository at this point in the history 
Authentication for private ports was broken in Chrome, and perhaps other
browsers too.  This was caused by the browser rejecting the `__Host-flow_auth`
cookie that was attempted to be set by data-plane-gateway.  The browser was
rejecting the cookie for a seemingly legitimate reason: the spec says it has to
be there.  I suspect that Firefox was more lax in this case because `Path=/` is
semantically equivalent to it not being set at all.  In any case, adding the
`Path=/` allows authenticated access to private ports to work properly in both
Chrome and Firefox.
  • Loading branch information
@psFried
psFried committed Nov 29, 2023
1 parent f7e4dff commit ca10b52
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions proxy/redirect.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ func (h *authRedirectHandler) ServeHTTP(w http.ResponseWriter, req *http.Request
Value: token,
Secure: true,
HttpOnly: true,
Path: "/",
}
http.SetCookie(w, cookie)
http.Redirect(w, req, origUrl, 307)
Expand Down

0 comments on commit ca10b52

Please sign in to comment.