comparison mod_strict_https/mod_strict_https.lua @ 5256:44f7edd4f845

mod_http_oauth2: Reject non-local hosts in more code paths We're not issuing tokens for users on remote hosts, we can't even authenticate them since they're remote. Thus the host is always the local module.host so no need to pass around the host in most cases or use it for anything but enforcing the same host.
author Kim Alvefur <zash@zash.se>
date Thu, 16 Mar 2023 17:52:10 +0100
parents efa9c1676d1f
children b3158647cb36
comparison
equal deleted inserted replaced
5255:001c8fdc91a4 5256:44f7edd4f845