authelia/internal/configuration/validator
James Elliott 598ea2bb19
feat(configuration): disallow public suffix domains (#4855)
This adds a check to the domains configuration to ensure the domain value is not part of the public suffix list at https://publicsuffix.org. These domains are special and users cannot write cookies with this domain value, this makes them unusable with Authelia and this more readily makes that apparent.
2023-02-02 16:34:49 +11:00
..
access_control.go fix(configuration): missing warning about session domain (#4417) 2022-11-24 10:16:23 +11:00
access_control_test.go fix(configuration): missing warning about session domain (#4417) 2022-11-24 10:16:23 +11:00
authentication.go feat(configuration): glauth ldap implementation (#4499) 2022-12-21 22:14:22 +11:00
authentication_test.go feat(configuration): glauth ldap implementation (#4499) 2022-12-21 22:14:22 +11:00
configuration.go feat(web): privacy policy url (#4625) 2023-01-22 19:58:07 +11:00
configuration_test.go feat(session): multiple session cookie domains (#3754) 2023-01-12 21:57:44 +11:00
const.go feat(configuration): disallow public suffix domains (#4855) 2023-02-02 16:34:49 +11:00
const_test.go feat(session): multiple session cookie domains (#3754) 2023-01-12 21:57:44 +11:00
duo.go refactor(configuration): remove ptr for duoapi and notifier (#3200) 2022-04-16 09:34:26 +10:00
duo_test.go refactor(configuration): remove ptr for duoapi and notifier (#3200) 2022-04-16 09:34:26 +10:00
identity_providers.go feat(oidc): per-client pkce enforcement policy (#4692) 2023-01-04 02:03:23 +11:00
identity_providers_test.go feat(session): multiple session cookie domains (#3754) 2023-01-12 21:57:44 +11:00
keys.go feat(server): customizable authz endpoints (#4296) 2023-01-25 20:36:40 +11:00
keys_test.go refactor: introduce config key gen (#3206) 2022-04-16 19:00:39 +10:00
log.go feat(configuration): freeipa ldap implementation (#4482) 2022-12-21 21:07:00 +11:00
log_test.go feat(commands): add access-control check-policy command (#2871) 2022-02-28 14:15:01 +11:00
notifier.go feat(configuration): mtls clients (#4221) 2022-10-21 19:41:33 +11:00
notifier_test.go feat(session): multiple session cookie domains (#3754) 2023-01-12 21:57:44 +11:00
ntp.go feat: webauthn (#2707) 2022-03-03 22:20:43 +11:00
ntp_test.go feat: webauthn (#2707) 2022-03-03 22:20:43 +11:00
password_policy.go feat(web): privacy policy url (#4625) 2023-01-22 19:58:07 +11:00
password_policy_test.go feat(server): zxcvbn password policy server side (#3151) 2022-04-15 19:30:51 +10:00
privacy_policy.go feat(web): privacy policy url (#4625) 2023-01-22 19:58:07 +11:00
privacy_policy_test.go feat(web): privacy policy url (#4625) 2023-01-22 19:58:07 +11:00
regulation.go feat: webauthn (#2707) 2022-03-03 22:20:43 +11:00
regulation_test.go feat: webauthn (#2707) 2022-03-03 22:20:43 +11:00
server.go feat(server): customizable authz endpoints (#4296) 2023-01-25 20:36:40 +11:00
server_test.go feat(server): customizable authz endpoints (#4296) 2023-01-25 20:36:40 +11:00
session.go feat(configuration): disallow public suffix domains (#4855) 2023-02-02 16:34:49 +11:00
session_test.go feat(configuration): disallow public suffix domains (#4855) 2023-02-02 16:34:49 +11:00
shared.go feat(configuration): mtls clients (#4221) 2022-10-21 19:41:33 +11:00
storage.go feat(storage): tls connection support (#4233) 2022-10-22 19:27:59 +11:00
storage_test.go feat(storage): tls connection support (#4233) 2022-10-22 19:27:59 +11:00
telemetry.go refactor(server): use errgroup to supervise services (#3755) 2022-08-09 07:50:12 +10:00
telemetry_test.go fix(configuration): address parsing failure (#3653) 2022-07-05 14:43:12 +10:00
theme.go feat(commands): add access-control check-policy command (#2871) 2022-02-28 14:15:01 +11:00
theme_test.go feat(authentication): file password algorithms (#3848) 2022-10-17 21:51:59 +11:00
totp.go feat(totp): secret customization (#2681) 2022-04-08 09:01:01 +10:00
totp_test.go feat(authentication): file password algorithms (#3848) 2022-10-17 21:51:59 +11:00
util.go feat(configuration): disallow public suffix domains (#4855) 2023-02-02 16:34:49 +11:00
util_test.go feat(configuration): disallow public suffix domains (#4855) 2023-02-02 16:34:49 +11:00
webauthn.go feat: webauthn (#2707) 2022-03-03 22:20:43 +11:00
webauthn_test.go build(deps): utilize github.com/go-webauthn/webauthn (#2947) 2022-03-04 10:56:30 +11:00