davrot/forgejo_backup
1
0
Fork 0
mirror of https://codeberg.org/davrot/forgejo.git synced 2025-05-25 21:00:01 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: Fix to delete cookie when AppSubURL is non-empty (#30375) (#30469)

Browse source 
Backport #30375 by @jtran

Cookies may exist on "/subpath" and "/subpath/" for some legacy reasons
(eg: changed CookiePath behavior in code). The legacy cookie should be
removed correctly.

Co-authored-by: Jonathan Tran <jonnytran@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
(cherry picked from commit e64926c5193e9ccc30b34f187d96c74d104179ae)
This commit is contained in:
Giteabot 2024-04-14 20:27:36 +08:00 committed by Earl Warren
parent b4ccfe1bc5
commit 65ba5b924f
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
3 changed files with 37 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

7
modules/session/store.go
View file

@ -6,6 +6,9 @@ package session
import (
"net/http"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/web/middleware"
"gitea.com/go-chi/session"
)
@ -18,6 +21,10 @@ type Store interface {
// RegenerateSession regenerates the underlying session and returns the new store
func RegenerateSession(resp http.ResponseWriter, req *http.Request) (Store, error) {
// Ensure that a cookie with a trailing slash does not take precedence over
// the cookie written by the middleware.
middleware.DeleteLegacySiteCookie(resp, setting.SessionConfig.CookieName)
s, err := session.RegenerateSession(resp, req)
return s, err
}