Skip to content
Snippets Groups Projects
Commit 03c3083f authored by Daniel A.C. Martin's avatar Daniel A.C. Martin Committed by Bruno Oliveira da Silva
Browse files

[KEYCLOAK-10668] Do not set the cookie domain 

By setting the domain attribute on the cookie we were allowing the
cookie to be applied to subdomains where it may not be valid and may
interfere with other services protected by keycloak-gatekeeper.

(For example, a gatekeeper running on https://domain.com could break a
gatekeeper running on https://sub.domain.com .)

Instead, we should simply not set the attribute unless there is
a specific domain configured.

For more information please see section 4.1.2.3 of [RFC 6265].

[RFC 6265]: https://tools.ietf.org/html/rfc6265#section-4.1.2
parent 45207a56
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment