Pablu/domain-router
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make cookies send back from router secure, if router is secured by ssl

Browse Source
This commit is contained in:
Pablu23
2025-09-02 15:13:15 +02:00
parent 247e4e5747
commit 8ef6f4b809
1 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
router.go
View File

@@ -157,11 +157,15 @@ func applyResponseHeader(w http.ResponseWriter, res *http.Response) {
w.Header().Set(name, value) w.Header().Set(name, value)
} }
} }
w.WriteHeader(res.StatusCode)
} }
func applyCookies(w http.ResponseWriter, res *http.Response) { func (router *Router) applyCookies(w http.ResponseWriter, res *http.Response) {
cookies := res.Cookies() cookies := res.Cookies()
for _, cookie := range cookies { for _, cookie := range cookies {
if router.config.Server.Ssl.Enabled {
cookie.Secure = true
}
http.SetCookie(w, cookie) http.SetCookie(w, cookie)
} }
} }
@@ -222,7 +226,8 @@ func (router *Router) Route(w http.ResponseWriter, r *http.Request) {
return return
} }
applyCookies(w, res) router.applyCookies(w, res)
applyResponseHeader(w, res)
// Exit early because its a redirect // Exit early because its a redirect
// Maybe this should be before applying cookies or after applying headers // Maybe this should be before applying cookies or after applying headers
@@ -230,8 +235,6 @@ func (router *Router) Route(w http.ResponseWriter, r *http.Request) {
return return
} }
applyResponseHeader(w, res)
err = applyBody(w, res) err = applyBody(w, res)
if err != nil { if err != nil {
log.Error().Err(err).Msg("Could not apply body") log.Error().Err(err).Msg("Could not apply body")
@@ -242,7 +245,7 @@ func (router *Router) Route(w http.ResponseWriter, r *http.Request) {
func handleLocation(w http.ResponseWriter, r *http.Request, res *http.Response) bool { func handleLocation(w http.ResponseWriter, r *http.Request, res *http.Response) bool {
if loc, err := res.Location(); err == nil { if loc, err := res.Location(); err == nil {
http.Redirect(w, r, loc.RequestURI(), http.StatusFound) http.Redirect(w, r, loc.String(), http.StatusFound)
return false return false
} else if !errors.Is(err, http.ErrNoLocation) { } else if !errors.Is(err, http.ErrNoLocation) {
log.Error().Err(err).Msg("Could not extract location") log.Error().Err(err).Msg("Could not extract location")