CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 14:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15526 from Security-Onion-Solutions/jertel/wip

Browse Source 
do not allow auth redirection to login page or home page; that serves…
This commit is contained in:
Jason Ertel
2026-02-25 18:14:25 -05:00
committed by GitHub
parent c4b6cef8ee c1c568e94d
commit ee4a2f00be
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/nginx/etc/nginx.conf
+6 -2
View File
@@ -383,12 +383,16 @@ http {
location @error401 { location @error401 {
if ($request_uri ~* (^/connect/.*|^/oauth2/.*)) { if ($request_uri ~* (^/connect/.*|^/oauth2/.*)) {
return 401; return 401;
} }
if ($request_uri ~* ^/(?!(^/api/.*))) { if ($request_uri ~* ^/(?!(^/api/.*))) {
add_header Set-Cookie "AUTH_REDIRECT=$request_uri;Path=/;Max-Age=14400";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
} }
if ($request_uri ~* ^/(?!(api/|login|auth|oauth2|$))) {
add_header Set-Cookie "AUTH_REDIRECT=$request_uri;Path=/;Max-Age=14400";
}
return 302 /auth/self-service/login/browser; return 302 /auth/self-service/login/browser;
} }