-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: Infinite loop if the Csrf cookie is set twice #2606
Labels
Comments
4 tasks
I solved this bug adding this 2 options in the deployment of Oauth2-proxy @Primexz !
After add this, you have to restart your deployment. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
OAuth2-Proxy Version
7.6.0
Provider
None
Expected Behaviour
If I have two invalid CSRF cookies as a user, I expect to be able to log in without deleting my cookies.
Current Behaviour
As soon as the CSRF token is set twice, a user will end up in the endless loop and will no longer be able to log in without deleting their cookies.
Screen.Recording.2024-04-10.at.15.20.30.mov
Steps To Reproduce
Possible Solutions
The solution I have in mind is to search all cookies with the correct name to see if a matching CSRF cookie can be found.
Configuration details or additional information
No response
The text was updated successfully, but these errors were encountered: