mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
fix(server): provide correct scheme to templated files (#2486)
This utilizes the context of the request and configuration to determine the correct scheme to use for the base URL. Fixes #2485. Fixes #2476.
This commit is contained in:
parent
fff0e31d0d
commit
0d7777e3f5
|
@ -34,9 +34,11 @@ func registerRoutes(configuration schema.Configuration, providers middlewares.Pr
|
|||
embeddedFS := fasthttpadaptor.NewFastHTTPHandler(http.FileServer(http.FS(embeddedPath)))
|
||||
rootFiles := []string{"favicon.ico", "manifest.json", "robots.txt"}
|
||||
|
||||
serveIndexHandler := ServeTemplatedFile(embeddedAssets, indexFile, rememberMe, resetPassword, configuration.Session.Name, configuration.Theme)
|
||||
serveSwaggerHandler := ServeTemplatedFile(swaggerAssets, indexFile, rememberMe, resetPassword, configuration.Session.Name, configuration.Theme)
|
||||
serveSwaggerAPIHandler := ServeTemplatedFile(swaggerAssets, apiFile, rememberMe, resetPassword, configuration.Session.Name, configuration.Theme)
|
||||
https := configuration.Server.TLS.Key != "" && configuration.Server.TLS.Certificate != ""
|
||||
|
||||
serveIndexHandler := ServeTemplatedFile(embeddedAssets, indexFile, rememberMe, resetPassword, configuration.Session.Name, configuration.Theme, https)
|
||||
serveSwaggerHandler := ServeTemplatedFile(swaggerAssets, indexFile, rememberMe, resetPassword, configuration.Session.Name, configuration.Theme, https)
|
||||
serveSwaggerAPIHandler := ServeTemplatedFile(swaggerAssets, apiFile, rememberMe, resetPassword, configuration.Session.Name, configuration.Theme, https)
|
||||
|
||||
r := router.New()
|
||||
r.GET("/", serveIndexHandler)
|
||||
|
|
|
@ -18,7 +18,7 @@ var alphaNumericRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUV
|
|||
// ServeTemplatedFile serves a templated version of a specified file,
|
||||
// this is utilised to pass information between the backend and frontend
|
||||
// and generate a nonce to support a restrictive CSP while using material-ui.
|
||||
func ServeTemplatedFile(publicDir, file, rememberMe, resetPassword, session, theme string) fasthttp.RequestHandler {
|
||||
func ServeTemplatedFile(publicDir, file, rememberMe, resetPassword, session, theme string, https bool) fasthttp.RequestHandler {
|
||||
logger := logging.Logger()
|
||||
|
||||
f, err := assets.Open(publicDir + file)
|
||||
|
@ -42,7 +42,19 @@ func ServeTemplatedFile(publicDir, file, rememberMe, resetPassword, session, the
|
|||
base = baseURL.(string)
|
||||
}
|
||||
|
||||
baseURL := "https://" + string(ctx.Request.Host()) + base + "/"
|
||||
var scheme = "https"
|
||||
|
||||
if !https {
|
||||
proto := string(ctx.Request.Header.Peek(fasthttp.HeaderXForwardedProto))
|
||||
switch proto {
|
||||
case "":
|
||||
scheme = "http"
|
||||
default:
|
||||
scheme = proto
|
||||
}
|
||||
}
|
||||
|
||||
baseURL := scheme + "://" + string(ctx.Request.Host()) + base + "/"
|
||||
nonce := utils.RandomString(32, alphaNumericRunes)
|
||||
|
||||
switch extension := filepath.Ext(file); extension {
|
||||
|
|
Loading…
Reference in New Issue
Block a user