CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-18 15:02:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

enable STS for browser redirects

Browse Source
This commit is contained in:
Jason Ertel
2025-06-05 16:02:27 -04:00
parent ab89858d04
commit 643afeeae7
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/nginx/etc/nginx.conf
View File

@@ -383,6 +383,7 @@ http {
} }
if ($request_uri ~* ^/(?!(^/api/.*))) { if ($request_uri ~* ^/(?!(^/api/.*))) {
add_header Set-Cookie "AUTH_REDIRECT=$request_uri;Path=/;Max-Age=14400"; add_header Set-Cookie "AUTH_REDIRECT=$request_uri;Path=/;Max-Age=14400";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
} }
return 302 /auth/self-service/login/browser; return 302 /auth/self-service/login/browser;
} }
@@ -392,6 +393,7 @@ http {
return 403; return 403;
} }
add_header Set-Cookie "ory_kratos_session=;Path=/;Max-Age=0;expires=Thu, 01 Jan 1970 00:00:00 GMT;"; add_header Set-Cookie "ory_kratos_session=;Path=/;Max-Age=0;expires=Thu, 01 Jan 1970 00:00:00 GMT;";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
return 302 /auth/self-service/login/browser; return 302 /auth/self-service/login/browser;
} }