mirror of
https://github.com/bitwarden/server.git
Remove referer header match from middleware (#928)
@ -32,20 +32,6 @@ namespace Bit.Sso.Utilities
|
||||
return true;
|
||||
}
|
||||
|
||||
// Determine if the Authority matches the Referrer (short-cut)
|
||||
var referrer = context.Request.Headers["Referer"].FirstOrDefault();
|
||||
if (!string.IsNullOrWhiteSpace(referrer) &&
|
||||
Uri.TryCreate(referrer, UriKind.Absolute, out var referrerUri) &&
|
||||
(referrerUri.IsBaseOf(idp.SingleSignOnServiceUrl) ||
|
||||
idp.SingleSignOnServiceUrl.IsBaseOf(referrerUri) ||
|
||||
referrerUri.IsBaseOf(idp.SingleLogoutServiceUrl) ||
|
||||
idp.SingleLogoutServiceUrl.IsBaseOf(referrerUri) ||
|
||||
referrerUri.IsBaseOf(idp.SingleLogoutServiceResponseUrl) ||
|
||||
idp.SingleLogoutServiceResponseUrl.IsBaseOf(referrerUri)))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
// We need to pull out and parse the response or request SAML envelope
|
||||
XmlElement assertion = null;
|
||||
try
|
||||
|