public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #2192 from jawys/fix-use-x-forwarded-uri-for-pathregex-match 

fix: use X-Forwarded-Uri if it exists for pathRegex match
This commit is contained in:
Joel Speed 2023-08-24 11:32:35 +01:00 committed by GitHub
parent 7b3a36b854 2d22530f8f
commit d9b9bcf9d4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -7,6 +7,7 @@
## Breaking Changes
## Changes since v7.4.0
- [#2133](https://github.com/oauth2-proxy/oauth2-proxy/pull/2133) Use X-Forwarded-Uri if it exists for pathRegex match
- [#2028](https://github.com/oauth2-proxy/oauth2-proxy/pull/2028) Update golang.org/x/net to v0.7.0 ato address GHSA-vvpx-j8f3-3w6h
- [#1873](https://github.com/oauth2-proxy/oauth2-proxy/pull/1873) Fix empty users with some OIDC providers (@babs)
- [#1882](https://github.com/oauth2-proxy/oauth2-proxy/pull/1882) Make `htpasswd.GetUsers` racecondition safe

4
oauthproxy.go
View File

@ -554,7 +554,7 @@ func isAllowedMethod(req *http.Request, route allowedRoute) bool {
}
func isAllowedPath(req *http.Request, route allowedRoute) bool {
matches := route.pathRegex.MatchString(req.URL.Path)
matches := route.pathRegex.MatchString(requestutil.GetRequestURI(req))
if route.negate {
return !matches
@ -575,7 +575,7 @@ func (p *OAuthProxy) isAllowedRoute(req *http.Request) bool {
func (p *OAuthProxy) isAPIPath(req *http.Request) bool {
for _, route := range p.apiRoutes {
if route.pathRegex.MatchString(req.URL.Path) {
if route.pathRegex.MatchString(requestutil.GetRequestURI(req)) {
return true
}
}