anubis/test/nginx-external-auth
Xe Iaso 7ed1753fcc
fix(lib): close open redirect when in subrequest mode (#1222)
* test(nginx-external-auth): bring up to code standards

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix(lib): close open redirect when in subrequest mode

Closes GHSA-cf57-c578-7jvv

Previously Anubis had an open redirect in subrequest auth mode due to an
insufficient fix in GHSA-jhjj-2g64-px7c. This patch adds additional
validation at several steps of the flow to prevent open redirects in
subrequest auth mode as well as implements automated testing to prevent
this from occurring in the future.

* docs: update CHANGELOG

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-10-29 16:07:31 -04:00
..
conf.d Add check endpoint which can be used with nginx' auth_request function (#266) 2025-04-25 17:38:02 +00:00
deployment.yaml fix(lib): close open redirect when in subrequest mode (#1222) 2025-10-29 16:07:31 -04:00
ingress.yaml fix(lib): close open redirect when in subrequest mode (#1222) 2025-10-29 16:07:31 -04:00
kustomization.yaml fix(lib): close open redirect when in subrequest mode (#1222) 2025-10-29 16:07:31 -04:00
service.yaml fix(lib): close open redirect when in subrequest mode (#1222) 2025-10-29 16:07:31 -04:00
start.sh fix(lib): close open redirect when in subrequest mode (#1222) 2025-10-29 16:07:31 -04:00