mirror of
https://github.com/grafana/grafana.git
synced 2024-12-01 04:59:15 -06:00
d94796a022
According to the stackoverflow answer below, it is recommended to not include a trailing / in cookies' path. By removing the trailing / for our cookies path value, people's browsers visiting grafana will pass the cookie not only to /grafana/ sub paths but also to /grafana sub paths. This commit avoids the situation where a user would visit http://localhost/grafana, get redirected to http://localhost/grafana/login, and following login get redirected back to http://localhost/grafana, but since the grafana_session cookie isn't passed along get redirected back once more to http://localhost/grafana/login. ref: https://stackoverflow.com/questions/36131023/setting-a-slash-on-cookie-path/53784228#53784228 ref: https://tools.ietf.org/html/rfc6265#section-5.1.4 |
||
---|---|---|
.. | ||
auth_proxy | ||
auth_proxy.go | ||
auth_test.go | ||
auth.go | ||
cookie.go | ||
dashboard_redirect_test.go | ||
dashboard_redirect.go | ||
headers.go | ||
logger.go | ||
middleware_basic_auth_test.go | ||
middleware_test.go | ||
middleware.go | ||
org_redirect_test.go | ||
org_redirect.go | ||
perf.go | ||
quota_test.go | ||
quota.go | ||
recovery_test.go | ||
recovery.go | ||
render_auth.go | ||
request_metrics.go | ||
request_tracing.go | ||
testing.go | ||
util.go | ||
validate_host.go |