mirror of
https://github.com/grafana/grafana.git
synced 2024-11-23 01:16:31 -06:00
d94796a022
According to the stackoverflow answer below, it is recommended to not include a trailing / in cookies' path. By removing the trailing / for our cookies path value, people's browsers visiting grafana will pass the cookie not only to /grafana/ sub paths but also to /grafana sub paths. This commit avoids the situation where a user would visit http://localhost/grafana, get redirected to http://localhost/grafana/login, and following login get redirected back to http://localhost/grafana, but since the grafana_session cookie isn't passed along get redirected back once more to http://localhost/grafana/login. ref: https://stackoverflow.com/questions/36131023/setting-a-slash-on-cookie-path/53784228#53784228 ref: https://tools.ietf.org/html/rfc6265#section-5.1.4 |
||
|---|---|---|
| .. | ||
| auth_proxy | ||
| auth_proxy.go | ||
| auth_test.go | ||
| auth.go | ||
| cookie.go | ||
| dashboard_redirect_test.go | ||
| dashboard_redirect.go | ||
| headers.go | ||
| logger.go | ||
| middleware_basic_auth_test.go | ||
| middleware_test.go | ||
| middleware.go | ||
| org_redirect_test.go | ||
| org_redirect.go | ||
| perf.go | ||
| quota_test.go | ||
| quota.go | ||
| recovery_test.go | ||
| recovery.go | ||
| render_auth.go | ||
| request_metrics.go | ||
| request_tracing.go | ||
| testing.go | ||
| util.go | ||
| validate_host.go | ||