From 77a799a4c94a20c809c915dfe0724e2962a063f4 Mon Sep 17 00:00:00 2001 From: Johannes Batzill Date: Mon, 24 Feb 2025 12:26:44 -0800 Subject: [PATCH] support fowarded for header as well --- app/api/handler/account/cookie.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/app/api/handler/account/cookie.go b/app/api/handler/account/cookie.go index a8085bc26..9edebfe2d 100644 --- a/app/api/handler/account/cookie.go +++ b/app/api/handler/account/cookie.go @@ -17,6 +17,7 @@ package account import ( "errors" "net/http" + "net/url" "time" "github.com/harness/gitness/types" @@ -53,7 +54,12 @@ func deleteTokenCookieIfPresent(r *http.Request, w http.ResponseWriter, cookieNa func newEmptyTokenCookie(r *http.Request, cookieName string) *http.Cookie { domain := r.URL.Hostname() - if headers, ok := r.Header["X-Forwarded-For"]; ok && len(headers) > 0 { + if urls, ok := r.Header["X-Forwarded-For"]; ok && len(urls) > 0 { + if url, err := url.Parse(urls[0]); err != nil { + domain = url.Hostname() + } + } + if headers, ok := r.Header["X-Forwarded-Header"]; ok && len(headers) > 0 { domain = headers[0] }