
Fixed an issue with clearing application cookies during OAuth signout

Closes #8885.

During the OAuth signout flow, although the `token` and `oauth_id_token`
cookies were marked for deletion, a new RedirectResponse is created and
returned. This does not contain the header info from the Response object
used to mark the cookies to be deleted. Hence the cookies remained.
Fixed this by re-using the headers from the other Response object.
Ranjan Mohan 3 months ago
parent
commit
6c6be5de88
1 changed file with 1 addition and 0 deletions

+ 1 - 0
backend/open_webui/routers/auths.py

@@ -546,6 +546,7 @@ async def signout(request: Request, response: Response):
                             if logout_url:
                                 response.delete_cookie("oauth_id_token")
                                 return RedirectResponse(
+                                    headers=response.headers,
                                     url=f"{logout_url}?id_token_hint={oauth_id_token}"
                                 )
                         else:
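Review bot: `headers=response.headers` in the `RedirectResponse(...)` call forwards every header set on the injected `response`, not only the `Set-Cookie` entries produced by `delete_cookie`, so anything else attached to that object earlier in `signout` now goes out with the redirect too. Consider building the redirect first and calling `delete_cookie("oauth_id_token")` on it directly, together with the `token` deletion the commit message mentions (not visible in this hunk), so the cookie clearing is explicit on the response that is actually returned. If the header forwarding stays, a one-line comment on the added line saying it exists to carry the cookie deletions would help, and a regression test asserting the `Set-Cookie` deletion headers on the redirect would keep the bug from returning.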