File tree Expand file tree Collapse file tree 1 file changed +4
-3
lines changed
enterprise/coderd/identityprovider Expand file tree Collapse file tree 1 file changed +4
-3
lines changed Original file line number Diff line number Diff line change @@ -16,10 +16,11 @@ func authorizeMW(accessURL *url.URL) func(next http.Handler) http.Handler {
16
16
return func (next http.Handler ) http.Handler {
17
17
return http .HandlerFunc (func (rw http.ResponseWriter , r * http.Request ) {
18
18
origin := r .Header .Get (httpmw .OriginHeader )
19
+ // TODO: The origin can be blank from some clients, like cURL. For now
20
6D33
+ // only browser-based auth flow is officially supported but in a future PR
21
+ // we should support a cURL-based and blank origin flows.
19
22
originU , err := url .Parse (origin )
20
- if err != nil {
21
- // TODO: Curl requests will not have this. One idea is to always show
22
- // html here??
23
+ if err != nil || origin == "" {
23
24
httpapi .Write (r .Context (), rw , http .StatusBadRequest , codersdk.Response {
24
25
Message : "Invalid or missing origin header." ,
25
26
Detail : err .Error (),
You can’t perform that action at this time.
0 commit comments