CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #14714 from Security-Onion-Solutions/jertel/wip

Browse Source 
enable STS for browser redirects
This commit is contained in:
Jason Ertel
2025-06-05 18:48:46 -04:00
committed by GitHub
parent 43e994f2c2 643afeeae7
commit aca54b4645
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/nginx/etc/nginx.conf
View File

@@ -383,6 +383,7 @@ http {
} }
if ($request_uri ~* ^/(?!(^/api/.*))) { if ($request_uri ~* ^/(?!(^/api/.*))) {
add_header Set-Cookie "AUTH_REDIRECT=$request_uri;Path=/;Max-Age=14400"; add_header Set-Cookie "AUTH_REDIRECT=$request_uri;Path=/;Max-Age=14400";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
} }
return 302 /auth/self-service/login/browser; return 302 /auth/self-service/login/browser;
} }
@@ -392,6 +393,7 @@ http {
return 403; return 403;
} }
add_header Set-Cookie "ory_kratos_session=;Path=/;Max-Age=0;expires=Thu, 01 Jan 1970 00:00:00 GMT;"; add_header Set-Cookie "ory_kratos_session=;Path=/;Max-Age=0;expires=Thu, 01 Jan 1970 00:00:00 GMT;";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
return 302 /auth/self-service/login/browser; return 302 /auth/self-service/login/browser;
} }