Feat: Match allowed cookies with optional character (#71047)

* Match allowed cookies with optional character

* Use strings package
This commit is contained in:
ismail simsek
2023-07-05 17:12:56 +03:00
committed by GitHub
parent 971058919f
commit 81ba27c149
3 changed files with 133 additions and 1 deletions

View File

@ -5,6 +5,7 @@ import (
"net"
"net/http"
"sort"
"strings"
"github.com/grafana/grafana/pkg/services/user"
)
@ -46,8 +47,23 @@ func ClearCookieHeader(req *http.Request, keepCookiesNames []string, skipCookies
keepCookies := map[string]*http.Cookie{}
for _, c := range req.Cookies() {
for _, v := range keepCookiesNames {
if c.Name == v {
// match all
if v == "[]" {
keepCookies[c.Name] = c
continue
}
if strings.HasSuffix(v, "[]") {
// match prefix
pattern := strings.TrimSuffix(v, "[]")
if strings.HasPrefix(c.Name, pattern) {
keepCookies[c.Name] = c
}
} else {
// exact match
if c.Name == v {
keepCookies[c.Name] = c
}
}
}
}