TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 17:48:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

rm /login handling on the middleware

Browse Source
This commit is contained in:
Max Peintner
2025-06-27 11:38:37 +02:00
parent ff29ab834b
commit ba7bdb7517
1 changed files with 17 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
apps/login/src/middleware.ts
View File

@@ -49,25 +49,25 @@ export async function middleware(request: NextRequest) {
}
// Check if the request is for the /login route that handles the auth request for OIDC none prompt
let isLoginRouteMatched = request.nextUrl.pathname.startsWith("/login/");
// let isLoginRouteMatched = request.nextUrl.pathname.startsWith("/login/");
let securitySettings;
if (isLoginRouteMatched) {
securitySettings = await loadSecuritySettings(request);
// let securitySettings;
// if (isLoginRouteMatched) {
// securitySettings = await loadSecuritySettings(request);
if (securitySettings?.embeddedIframe?.enabled) {
const response = NextResponse.next({
request: { headers: requestHeaders },
});
// if (securitySettings?.embeddedIframe?.enabled) {
// const response = NextResponse.next({
// request: { headers: requestHeaders },
// });
response.headers.set(
"Content-Security-Policy",
`${DEFAULT_CSP} frame-ancestors ${securitySettings.embeddedIframe.allowedOrigins.join(" ")};`,
);
response.headers.delete("X-Frame-Options");
return response;
}
}
// response.headers.set(
// "Content-Security-Policy",
// `${DEFAULT_CSP} frame-ancestors ${securitySettings.embeddedIframe.allowedOrigins.join(" ")};`,
// );
// response.headers.delete("X-Frame-Options");
// return response;
// }
// }
// Only run the rest of the logic for the original matcher paths
const proxyPaths = [
@@ -109,9 +109,7 @@ export async function middleware(request: NextRequest) {
responseHeaders.set("Access-Control-Allow-Origin", "*");
responseHeaders.set("Access-Control-Allow-Headers", "*");
if (!securitySettings) {
securitySettings = await loadSecuritySettings(request);
}
const securitySettings = await loadSecuritySettings(request);
if (securitySettings?.embeddedIframe?.enabled) {
responseHeaders.set(