David Handermann created NIFI-9060:
--------------------------------------

             Summary: HTTP Cookie Paths ignore Proxy Context Path Headers
                 Key: NIFI-9060
                 URL: https://issues.apache.org/jira/browse/NIFI-9060
             Project: Apache NiFi
          Issue Type: Bug
          Components: Core Framework, Security
    Affects Versions: 1.14.0, 1.15.0
            Reporter: David Handermann
            Assignee: David Handermann


HTTP cookies that NiFi uses for authentication have hard-coded paths set to 
forward-slash.  This is acceptable for deployments where clients have direct 
access to NiFi, or when a reverse proxy does not rewrite the context path. In 
deployments where a reverse proxy performs URL rewriting, NiFi should set the 
cookie path based on proxy HTTP headers. NiFi WebUtils includes methods to 
determine the context path based on supported proxy headers, which should be 
used to set the paths for HTTP cookies.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
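
The behaviour requested in this issue, sketched as an added example (not NiFi's code and not its WebUtils API): derive the cookie Path from proxy context headers instead of hard-coding a forward slash. The header names, the allow list, the cookie name and all class and method names are assumptions for illustration.

```java
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;

public class ProxyCookiePath {
    // Assumed proxy header names, checked in this order; adjust to the deployment.
    private static final List<String> CONTEXT_HEADERS =
            List.of("X-ProxyContextPath", "X-Forwarded-Context", "X-Forwarded-Prefix");

    /** Cookie path for a request; "/" when no proxy context header is present. */
    static String resolveCookiePath(Map<String, String> headers, Set<String> allowedPaths) {
        for (String name : CONTEXT_HEADERS) {
            String value = headers.get(name);
            if (value == null || value.isBlank()) {
                continue;
            }
            String path = normalize(value);
            // Header values come from the request, so accept only configured paths.
            // The value is not echoed in the message to keep it out of logs.
            if (!allowedPaths.contains(path)) {
                throw new IllegalArgumentException("context path not allowed in " + name);
            }
            return path;
        }
        return "/";
    }

    // Ensure one leading slash and no trailing slash, so "/nifi-proxy/" matches "/nifi-proxy".
    private static String normalize(String raw) {
        String path = raw.trim();
        if (!path.startsWith("/")) path = "/" + path;
        while (path.length() > 1 && path.endsWith("/")) path = path.substring(0, path.length() - 1);
        return path;
    }

    static String setCookieHeader(String name, String value, String path) {
        return name + "=" + value + "; Path=" + path + "; Secure; HttpOnly; SameSite=Strict";
    }

    public static void main(String[] args) {
        Set<String> allowed = Set.of("/nifi-proxy");                 // constructed allow list
        Map<String, String> proxied = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
        proxied.put("x-proxycontextpath", "/nifi-proxy/");           // constructed request header
        String path = resolveCookiePath(proxied, allowed);
        System.out.println(setCookieHeader("Example-Auth", "token-placeholder", path));
        System.out.println(resolveCookiePath(Map.of(), allowed));    // direct access, no proxy headers
        try {
            resolveCookiePath(Map.of("X-Forwarded-Prefix", "/unlisted"), allowed);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```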
