Canithesis/checkpoint
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

token: set topmost domain as owner of cookie

Browse Source 
ref #4
This commit is contained in:
Vaxry
2025-04-14 00:16:56 +01:00
parent 2c757c449a
commit 067c993317
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/core/Handler.cpp
View File

@@ -267,6 +267,14 @@ void CServerHandler::challengeSubmitted(const Pistache::Http::Request& req, Pist
if (hostDomain.contains(":"))
hostDomain = hostDomain.substr(0, hostDomain.find(':'));
// ipv4 vvvvvvvv vvvv ipv6
if (!std::isdigit(hostDomain.back()) && hostDomain.back() != ']') {
size_t lastdot = hostDomain.find_last_of('.');
lastdot = hostDomain.find_last_of('.', lastdot - 1);
if (lastdot != std::string::npos)
hostDomain = hostDomain.substr(lastdot + 1);
}
response.headers().add(
std::make_shared<SetCookieHeader>(std::string{TOKEN_COOKIE_NAME} + "=" + TOKEN.tokenCookie() + "; Domain=" + hostDomain + "; HttpOnly; Path=/; Secure; SameSite=Lax"));