From a5d4537a8c9be2d58e4f312d3d6acb9e635e84ed Mon Sep 17 00:00:00 2001 From: naiba Date: Sun, 1 Mar 2026 04:05:42 +0000 Subject: [PATCH] =?UTF-8?q?fix:=20=E6=81=A2=E5=A4=8D=E8=A2=AB=E8=AF=AF?= =?UTF-8?q?=E5=88=A0=E7=9A=84=20AuthCodeURL=20=E8=B0=83=E7=94=A8=EF=BC=8C?= =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E7=BC=96=E8=AF=91=E5=A4=B1=E8=B4=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 上次提交误删了 url := o2conf.AuthCodeURL(...) 导致编译失败。 同时添加注释说明 Cookie Secure 属性动态设置的原因。 Co-authored-by: naiba/CloudCode --- cmd/dashboard/controller/oauth2.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cmd/dashboard/controller/oauth2.go b/cmd/dashboard/controller/oauth2.go index 2a418ad..acb0218 100644 --- a/cmd/dashboard/controller/oauth2.go +++ b/cmd/dashboard/controller/oauth2.go @@ -65,6 +65,8 @@ func oauth2redirect(c *gin.Context) (*model.Oauth2LoginResponse, error) { RedirectURL: redirectURL, }, cache.DefaultExpiration) + url := o2conf.AuthCodeURL(state, oauth2.AccessTypeOnline) + // CodeQL go/cookie-secure-not-set: 根据请求协议动态设置 Secure 属性,避免 HTTP 环境下 Cookie 无法使用 c.SetCookie("nz-o2s", stateKey, 60*5, "", "", c.Request.URL.Scheme == "https" || c.Request.TLS != nil, false) return &model.Oauth2LoginResponse{Redirect: url}, nil