Content-Length: 210318 | pFad | https://github.com/sebadob/rauthy/commit/360ce46c19bad81ee60de817f3b3f74f0dd3c408

DD add all `/fed_cm/` routes as CSRF exception - has its own mechanisms · sebadob/rauthy@360ce46 · GitHub
Skip to content

Commit

Permalink
add all /fed_cm/ routes as CSRF exception - has its own mechanisms
Browse files Browse the repository at this point in the history
  • Loading branch information
@sebadob
sebadob committed May 28, 2024
1 parent b22b0c9 commit 360ce46
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions rauthy-handlers/src/middleware/csrf_protection.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,8 @@ fn is_path_csrf_exception(path: &str) -> bool {
|| path == "/pow"
// make it possible to fetch public keys from browsers / SPAs
|| path.starts_with("/oidc/certs")
// FedCM has its own validation mechanisms
|| path.starts_with("/fed_cm/")
|| path.ends_with("/logo")
|| path.starts_with("/.well-known/")
|| path.starts_with("/auth/v1/.well-known/")
Expand Down

0 comments on commit 360ce46

Please sign in to comment.








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: https://github.com/sebadob/rauthy/commit/360ce46c19bad81ee60de817f3b3f74f0dd3c408

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy