Send pdata cookie to cross domain (#1829)
This commit is contained in:
parent
81d18516a8
commit
2016abd2ee
|
@ -292,6 +292,11 @@ languages = en, fr, vi, it, ar, de, fi
|
|||
; Set to 0 to disable error on XSS attack detection
|
||||
;checkXSS = 0
|
||||
|
||||
; pdata cookie domain
|
||||
; pdata cookie could not be sent with cross domains AJAX request
|
||||
; Null is default value
|
||||
;pdataDomain = example.com
|
||||
|
||||
; CUSTOM PLUGINS
|
||||
; If you want to add custom plugins, set list here (comma separated)
|
||||
; Read Lemonldap::NG::Portal::Main::Plugin(3pm) man page.
|
||||
|
|
|
@ -2216,6 +2216,13 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
|||
'default' => 3,
|
||||
'type' => 'int'
|
||||
},
|
||||
'pdataDomain' => {
|
||||
'default' => '',
|
||||
'msgFail' => '__badDomainName__',
|
||||
'test' =>
|
||||
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/,
|
||||
'type' => 'text'
|
||||
},
|
||||
'persistentStorage' => {
|
||||
'type' => 'PerlModule'
|
||||
},
|
||||
|
|
|
@ -968,6 +968,14 @@ sub attributes {
|
|||
documentation => 'DNS domain',
|
||||
flags => 'hp',
|
||||
},
|
||||
pdataDomain => {
|
||||
type => 'text',
|
||||
test => qr/^(?:$Regexp::Common::URI::RFC2396::hostname)?$/,
|
||||
msgFail => '__badDomainName__',
|
||||
default => '',
|
||||
documentation => 'pdata cookie DNS domain',
|
||||
flags => 'hp',
|
||||
},
|
||||
httpOnly => {
|
||||
default => 1,
|
||||
type => 'bool',
|
||||
|
|
|
@ -61,7 +61,16 @@ sub handler {
|
|||
name => $self->conf->{cookieName} . 'pdata',
|
||||
(
|
||||
%{ $req->pdata }
|
||||
? ( value => uri_escape( JSON::to_json( $req->pdata ) ) )
|
||||
? ( (
|
||||
$self->conf->{pdataDomain}
|
||||
? (
|
||||
value => uri_escape( JSON::to_json( $req->pdata ) ),
|
||||
domain => $self->conf->{pdataDomain},
|
||||
)
|
||||
: ( value => uri_escape( JSON::to_json( $req->pdata ) ),
|
||||
)
|
||||
)
|
||||
)
|
||||
: (
|
||||
value => '',
|
||||
expires => 'Wed, 21 Oct 2015 00:00:00 GMT'
|
||||
|
|
|
@ -331,6 +331,7 @@ sub issuer {
|
|||
ini => {
|
||||
logLevel => $debug,
|
||||
domain => 'idp.com',
|
||||
pdataDomain => 'idp.com',
|
||||
portal => 'http://auth.idp.com',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
|
@ -464,6 +465,7 @@ sub sp {
|
|||
ini => {
|
||||
logLevel => $debug,
|
||||
domain => 'sp.com',
|
||||
pdataDomain => 'sp.com',
|
||||
portal => 'http://auth.sp.com',
|
||||
authentication => 'SAML',
|
||||
userDB => 'Same',
|
||||
|
|
Loading…
Reference in New Issue
Block a user