v5.0.0
Release Highlights
- Disabled CGO (binaries will work regardless of glibc/musl)
- Allow whitelisted redirect ports
- Nextcloud provider support added
- DigitalOcean provider support added
Important Notes
- (Security) Fix for open redirect vulnerability: a bad actor using `/\` in redirect URIs can redirect a session to another domain
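
The check this class of bug calls for, as an added example that is not oauth2-proxy's own code: the helper name `isSafeRelativeRedirect` and the sample inputs are constructed for illustration. It goes slightly beyond the `/\` case in the note by also refusing `//` and control characters, which browsers normalise to the same protocol-relative form.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// isSafeRelativeRedirect is a hypothetical helper (not oauth2-proxy's own code).
// It accepts only same-origin paths such as "/dashboard".
func isSafeRelativeRedirect(target string) bool {
	// Must be an absolute path on this origin.
	if !strings.HasPrefix(target, "/") {
		return false
	}
	// "//host" is protocol-relative. Browsers treat "\" like "/",
	// so "/\host" resolves the same way and must be rejected too.
	if len(target) > 1 && (target[1] == '/' || target[1] == '\\') {
		return false
	}
	// Browsers drop tabs and newlines before parsing, so "/\t/host"
	// would collapse to "//host". Refuse every control character.
	for _, r := range target {
		if r < 0x20 || r == 0x7f {
			return false
		}
	}
	// Defence in depth: the parsed form must carry no scheme or host.
	u, err := url.Parse(target)
	return err == nil && u.Scheme == "" && u.Host == ""
}

func main() {
	// Constructed sample inputs.
	for _, t := range []string{
		"/dashboard?tab=1",
		`/\evil.example`,
		"//evil.example",
		"/\t/evil.example",
		"https://evil.example/",
	} {
		fmt.Printf("%-24q safe=%v\n", t, isSafeRelativeRedirect(t))
	}
}
```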
Breaking Changes
- #321 Add reverse proxy boolean flag to control whether headers like `X-Real-Ip` are accepted.
This defaults to false. Usage behind a reverse proxy will require this flag to be set to avoid logging the reverse proxy IP address.
Changes since v4.1.0
- #331 Add reverse proxy setting (@martin-css)
- #365 Build with CGO=0 (@tomelliff)
- #339 Add configuration for cookie 'SameSite' value. (@pgroudas)
- #347 Update keycloak provider configuration documentation. (@sushiMix)
- #325 dist.sh: use sha256sum (@syscll)
- #179 Add Nextcloud provider (@Ramblurr)
- #280 whitelisted redirect domains: add support for whitelisting specific ports or allowing wildcard ports (@kamaln7)
- #351 Add DigitalOcean Auth provider (@kamaln7)