authelia

Commit Graph

Author	SHA1	Message	Date
Clement Michaud	7c3d6cc376	Log what is retrieved from headers to help debugging.	2019-03-22 15:34:38 +01:00
Clement Michaud	76fa325f08	[BREAKING] Create a suite for kubernetes tests. Authelia client uses hash router instead of browser router in order to work with Kubernetes nginx-ingress-controller. This is also better for users having old browsers. This commit is breaking because it requires to change the configuration of the proxy to include the # in the URL of the login portal.	2019-03-16 00:13:27 +01:00
Clement Michaud	42581dfe93	Fix open redirection vulnerability. In order to redirect the user after authentication, Authelia uses rd query parameter provided by the proxy. However an attacker could use phishing to make the user be redirected to a bad domain. In order to avoid the user to be redirected to a bad location, Authelia now verifies the redirection URL is under the protected domain.	2018-11-17 17:48:20 +01:00

Author

SHA1

Message

Date

Clement Michaud

7c3d6cc376

Log what is retrieved from headers to help debugging.

2019-03-22 15:34:38 +01:00

Clement Michaud

76fa325f08

[BREAKING] Create a suite for kubernetes tests.

Authelia client uses hash router instead of browser router in order to work
with Kubernetes nginx-ingress-controller. This is also better for users having
old browsers.

This commit is breaking because it requires to change the configuration of the
proxy to include the # in the URL of the login portal.

2019-03-16 00:13:27 +01:00

Clement Michaud

42581dfe93

Fix open redirection vulnerability.

In order to redirect the user after authentication, Authelia uses
rd query parameter provided by the proxy. However an attacker could
use phishing to make the user be redirected to a bad domain. In order
to avoid the user to be redirected to a bad location, Authelia now
verifies the redirection URL is under the protected domain.

2018-11-17 17:48:20 +01:00

3 Commits (92eb897a03caf9d8279b7fed81f8a2cd7cb0a67a)