public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Warn users when session cookies are split

This commit is contained in:
Joel Speed 2020-04-10 14:25:23 +01:00
parent a659b9558e
commit fcd52e042e
No known key found for this signature in database
GPG Key ID: 6E80578D6751DEFB
2 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -35,6 +35,7 @@
- [#462](https://github.com/oauth2-proxy/oauth2-proxy/pull/462) Allow HTML in banner message (@eritikass). - [#462](https://github.com/oauth2-proxy/oauth2-proxy/pull/462) Allow HTML in banner message (@eritikass).
- [#412](https://github.com/pusher/oauth2_proxy/pull/412) Allow multiple cookie domains to be specified (@edahlseng) - [#412](https://github.com/pusher/oauth2_proxy/pull/412) Allow multiple cookie domains to be specified (@edahlseng)
- [#413](https://github.com/oauth2-proxy/oauth2-proxy/pull/413) Add -set-basic-auth param to set the Basic Authorization header for upstreams (@morarucostel). - [#413](https://github.com/oauth2-proxy/oauth2-proxy/pull/413) Add -set-basic-auth param to set the Basic Authorization header for upstreams (@morarucostel).
- [#483](https://github.com/oauth2-proxy/oauth2-proxy/pull/483) Warn users when session cookies are split (@JoelSpeed)
# v5.1.0 # v5.1.0

2
pkg/sessions/cookie/session_store.go
View File

@ -12,6 +12,7 @@ import (
"github.com/oauth2-proxy/oauth2-proxy/pkg/apis/sessions" "github.com/oauth2-proxy/oauth2-proxy/pkg/apis/sessions"
"github.com/oauth2-proxy/oauth2-proxy/pkg/cookies" "github.com/oauth2-proxy/oauth2-proxy/pkg/cookies"
"github.com/oauth2-proxy/oauth2-proxy/pkg/encryption" "github.com/oauth2-proxy/oauth2-proxy/pkg/encryption"
"github.com/oauth2-proxy/oauth2-proxy/pkg/logger"
"github.com/oauth2-proxy/oauth2-proxy/pkg/sessions/utils" "github.com/oauth2-proxy/oauth2-proxy/pkg/sessions/utils"
) )
@ -129,6 +130,7 @@ func NewCookieSessionStore(opts *options.SessionOptions, cookieOpts *options.Coo
// it into a slice of cookies which fit within the 4kb cookie limit indexing // it into a slice of cookies which fit within the 4kb cookie limit indexing
// the cookies from 0 // the cookies from 0
func splitCookie(c *http.Cookie) []*http.Cookie { func splitCookie(c *http.Cookie) []*http.Cookie {
logger.Printf("WARNING: Multiple cookies are required for this session as it exceeds the 4kb cookie limit. Please use server side session storage (eg. Redis) instead.")
if len(c.Value) < maxCookieLength { if len(c.Value) < maxCookieLength {
return []*http.Cookie{c} return []*http.Cookie{c}
} }