fix: add Antiforgery cookie configuration for Nginx proxy HTTPS
TaxBaik CI/CD / build-and-deploy (push) Failing after 1m5s
TaxBaik CI/CD / build-and-deploy (push) Failing after 1m5s
- Add SameSite=Lax to session cookie - Add SecurePolicy=SameAsRequest for proxy compatibility - Explicitly configure Antiforgery cookie with same settings - Resolves antiforgery token validation failures on HTTPS This fixes the "required antiforgery cookie is not present" error that occurs when behind Nginx reverse proxy with HTTPS. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -106,9 +106,20 @@ builder.Services.AddSession(options =>
|
||||
options.Cookie.HttpOnly = true;
|
||||
options.Cookie.IsEssential = true;
|
||||
options.Cookie.Name = "TaxBaik.SessionId";
|
||||
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax;
|
||||
options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.SameAsRequest;
|
||||
});
|
||||
builder.Services.AddDistributedMemoryCache();
|
||||
// TempData는 기본적으로 쿠키 저장소 사용 (여기서 명시적 설정)
|
||||
|
||||
// Antiforgery 쿠키 설정 (Nginx 프록시 뒤 HTTPS 지원)
|
||||
builder.Services.AddAntiforgery(options =>
|
||||
{
|
||||
options.Cookie.HttpOnly = true;
|
||||
options.Cookie.IsEssential = true;
|
||||
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax;
|
||||
options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.SameAsRequest;
|
||||
});
|
||||
// TempData는 기본적으로 쿠키 저장소 사용 (위 세션 설정 상속)
|
||||
|
||||
// JWT 인증
|
||||
var connectionString = builder.Configuration.GetConnectionString("Default")
|
||||
|
||||
Reference in New Issue
Block a user