IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-11 08:41:55 -06:00
Code Issues Packages Projects Releases Wiki Activity

Deduplicate session cookies in headers

Browse Source 
This removes one of the 2 identical copies of the ipa_session cookie

Fixes https://fedorahosted.org/freeipa/ticket/6676

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Simo Sorce 2017-02-16 13:29:10 -05:00 committed by Martin Basti
parent b895f4a34b
commit d0642bfa55
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
install/conf/ipa.conf
View File

@ -79,6 +79,11 @@ WSGIScriptReloading Off
WSGIApplicationGroup ipa
Header always append X-Frame-Options DENY
Header always append Content-Security-Policy "frame-ancestors 'none'"
# mod_session always sets two copies of the cookie, and this confuses our
# legacy clients, the unset here works because it ends up unsetting only one
# of the 2 header tables set by mod_session, leaving the other intact
Header unset Set-Cookie
</Location>
# Target for login with internal connections