-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rule-restricted wildcard match of single subdomain #488 #1783
Conversation
a4a0a0a
to
2737347
Compare
aab3288
to
cb7d216
Compare
33d7e53
to
d036770
Compare
@postmaxin |
@@ -575,7 +588,8 @@ func validateRedirectURI(client storage.Client, redirectURI string) bool { | |||
if err != nil { | |||
return false | |||
} | |||
if u.Scheme != "http" { | |||
// public clients should use http or https (#1300) | |||
if u.Scheme != "http" && u.Scheme != "https" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was discussed in open issue #1300 – it was a quick/logical quick so included here, but not relevant to main issue of wildcard support.
Would also like to see this as well. |
7b626e8
to
37fa1fe
Compare
This would be awesome to get into the next release! I know everyone is busy but it would be great if this can be reviewed! |
…ain via LRU cache Signed-off-by: Thomas Haines <[email protected]>
…rom hashicorp Signed-off-by: Thomas Haines <[email protected]>
Signed-off-by: Thomas Haines <[email protected]>
…ildcard matcher to operate within host portion of URL to ensure immune to injection type patterns in the path Signed-off-by: Thomas Haines <[email protected]>
…ttern url matching, more tests. Signed-off-by: vadym <[email protected]>
37fa1fe
to
d195453
Compare
Signed-off-by: vadym <[email protected]>
Looking forward testing this, could we help making this feature its way to the next release. |
Add support for rule-restricted wildcard match of lowest-level subdomain via LRU cache.
This PR: