joshp23 / YOURLS-OIDC

OpenID Connect Authentication for YOURLS
GNU General Public License v3.0

Implement option for custom redirect URL & Fixes sessions for users not in local database #11

Open fservida opened 2 years ago

fservida commented 2 years ago

When using YOURLS behind a reverse proxy, apparently jumbojett has trouble detecting the correct URL, as it redirects to /admin and not /admin/ (at least in my setup using yours docker image). This leads to subsequent broken redirects and an HTTP downgrade (probably more of an issue with YOURLS itself; see screenshots). Because of the HTTP downgrade, apart from the obvious problem of insecure traffic, this breaks implementations in frames.

I've managed to simply fix this by manually setting the redirect URL that the OIDC plugin uses instead of autodetecting it. As it might be useful for others, I've generalized the solution by reading an optional constant from the config.php file.

image image
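
An added example, not part of this pull request or the plugin's code: one way to validate a manually configured redirect URL before handing it to the OIDC client, so the `/admin` vs `/admin/` mismatch and the HTTP downgrade described above are caught at configuration time. The constant name `OIDC_REDIRECT_URL`, the helper `resolve_oidc_redirect_url()`, the trailing-slash requirement and the sample host are assumptions made for illustration.

```php
<?php
// Added example. OIDC_REDIRECT_URL (hypothetical constant in config.php)
// would be passed in as $configured; the helper name is hypothetical too.

/**
 * Return the redirect URI to give the OIDC client, or null to keep the
 * library's autodetection when nothing is configured.
 */
function resolve_oidc_redirect_url(?string $configured): ?string
{
    if ($configured === null || $configured === '') {
        return null; // nothing configured: fall back to autodetection
    }
    $parts = parse_url($configured);
    if ($parts === false || empty($parts['scheme']) || empty($parts['host'])) {
        throw new InvalidArgumentException('Redirect URL must be absolute');
    }
    // Refuse plain HTTP so a proxy misdetection cannot downgrade the flow.
    if (strtolower($parts['scheme']) !== 'https') {
        throw new InvalidArgumentException('Redirect URL must use https');
    }
    // Fragments are not allowed in OAuth 2.0 redirect URIs (RFC 6749, 3.1.2).
    if (isset($parts['fragment'])) {
        throw new InvalidArgumentException('Redirect URL must not contain a fragment');
    }
    // Assumption for this setup: the admin area lives at /admin/, and a
    // provider that compares redirect URIs exactly treats /admin as different.
    $path = $parts['path'] ?? '/';
    if (substr($path, -1) !== '/') {
        throw new InvalidArgumentException('Redirect URL path must end with "/"');
    }
    return $configured;
}

// Constructed sample values, as they might be set in config.php.
$samples = [
    'https://short.example.org/admin/', // accepted
    'https://short.example.org/admin',  // rejected: missing trailing slash
    'http://short.example.org/admin/',  // rejected: plain HTTP
    '',                                 // unset: autodetect
];
foreach ($samples as $value) {
    try {
        $url = resolve_oidc_redirect_url($value);
        echo var_export($value, true), ' => ', $url ?? 'autodetect', PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo var_export($value, true), ' => rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

A non-null result would be passed to the jumbojett client's `setRedirectURL()`; the same URL has to be registered verbatim with the identity provider.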

fservida commented 2 years ago

Commit 44e959c fixes the login with the cookies, which was also critical as the manual redirect URL meant any auth flow became problematic as it was always redirected to the /admin/ path.

Solves #12 and #7

aurorasmiles commented 1 year ago

Thank you very much, this solved my issue similar to #7

Shocktrooper commented 1 year ago

@joshp23 Is there any way we can get this merged soon?

Shocktrooper commented 1 year ago

This code has been stable and working for us for the past week or so with no issues.