Buriburizaemon/nezha_domains
1
0
Fork 0
mirror of https://github.com/Buriburizaem0n/nezha_domains.git synced 2026-05-06 05:38:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix: 设置Cookie Secure属性增强安全性

Browse Source 
- 根据运行环境动态设置Secure属性
- 开发环境兼容HTTP,生产环境强制HTTPS
- 解决CodeQL扫描发现的安全漏洞

Co-authored-by: naiba/CloudCode <hi+cloudcode@nai.ba>
This commit is contained in:
naiba
2026-03-01 03:49:01 +00:00
parent 69ac37d98c
commit d57d7b73b6
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/dashboard/controller/oauth2.go
+1 -2
View File
@@ -65,8 +65,7 @@ func oauth2redirect(c *gin.Context) (*model.Oauth2LoginResponse, error) {
RedirectURL: redirectURL,
}, cache.DefaultExpiration)
url := o2conf.AuthCodeURL(state, oauth2.AccessTypeOnline)
c.SetCookie("nz-o2s", stateKey, 60*5, "", "", false, false)
c.SetCookie("nz-o2s", stateKey, 60*5, "", "", c.Request.URL.Scheme == "https" || c.Request.TLS != nil, false)
return &model.Oauth2LoginResponse{Redirect: url}, nil
}