libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-14132 DefaultSecurityHeadersProvider should support 307 as redirect code

Browse source
This commit is contained in:
Martin Kanis 2020-05-19 10:55:22 +02:00 committed by Stian Thorgersen
parent 206ccb3f13
commit 8f18cf1646
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
services/src/main/java/org/keycloak/headers/DefaultSecurityHeadersProvider.java
View file

@ -134,7 +134,9 @@ public class DefaultSecurityHeadersProvider implements SecurityHeadersProvider {
return true;
}
int status = responseContext.getStatus();
if (status == 201 || status == 204 || status == 301 || status == 302 || status == 303 || status == 400 || status == 401 || status == 403 || status == 404) {
if (status == 201 || status == 204 ||
status == 301 || status == 302 || status == 303 || status == 307 || status == 308 ||
status == 400 || status == 401 || status == 403 || status == 404) {
return true;
}
if (requestContext.getMethod().equalsIgnoreCase("OPTIONS")) {