2022-08-17 17:09:45 +00:00
|
|
|
package httpapi
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net/textproto"
|
|
|
|
"strings"
|
|
|
|
|
2023-08-18 18:55:43 +00:00
|
|
|
"github.com/coder/coder/v2/codersdk"
|
2022-08-17 17:09:45 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// StripCoderCookies removes the session token from the cookie header provided.
|
|
|
|
func StripCoderCookies(header string) string {
|
|
|
|
header = textproto.TrimString(header)
|
|
|
|
cookies := []string{}
|
|
|
|
|
|
|
|
var part string
|
|
|
|
for len(header) > 0 { // continue since we have rest
|
|
|
|
part, header, _ = strings.Cut(header, ";")
|
|
|
|
part = textproto.TrimString(part)
|
|
|
|
if part == "" {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
name, _, _ := strings.Cut(part, "=")
|
2023-01-29 21:47:24 +00:00
|
|
|
if name == codersdk.SessionTokenCookie ||
|
|
|
|
name == codersdk.OAuth2StateCookie ||
|
2023-03-07 19:38:11 +00:00
|
|
|
name == codersdk.OAuth2RedirectCookie ||
|
2023-08-29 01:34:52 +00:00
|
|
|
name == codersdk.PathAppSessionTokenCookie ||
|
|
|
|
name == codersdk.SubdomainAppSessionTokenCookie ||
|
|
|
|
name == codersdk.SignedAppTokenCookie {
|
2022-08-17 17:09:45 +00:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
cookies = append(cookies, part)
|
|
|
|
}
|
|
|
|
return strings.Join(cookies, "; ")
|
|
|
|
}
|