fix: add Antiforgery cookie configuration for Nginx proxy HTTPS
TaxBaik CI/CD / build-and-deploy (push) Failing after 1m5s

- Add SameSite=Lax to session cookie
- Add SecurePolicy=SameAsRequest for proxy compatibility
- Explicitly configure Antiforgery cookie with same settings
- Resolves antiforgery token validation failures on HTTPS

This fixes the "required antiforgery cookie is not present" error
that occurs when behind Nginx reverse proxy with HTTPS.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
This commit is contained in:
2026-07-04 02:55:23 +09:00
parent f0269826fe
commit dd660ef4b3
+12 -1
View File
@@ -106,9 +106,20 @@ builder.Services.AddSession(options =>
options.Cookie.HttpOnly = true;
options.Cookie.IsEssential = true;
options.Cookie.Name = "TaxBaik.SessionId";
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax;
options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.SameAsRequest;
});
builder.Services.AddDistributedMemoryCache();
// TempData는 기본적으로 쿠키 저장소 사용 (여기서 명시적 설정)
// Antiforgery 쿠키 설정 (Nginx 프록시 뒤 HTTPS 지원)
builder.Services.AddAntiforgery(options =>
{
options.Cookie.HttpOnly = true;
options.Cookie.IsEssential = true;
options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax;
options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.SameAsRequest;
});
// TempData는 기본적으로 쿠키 저장소 사용 (위 세션 설정 상속)
// JWT 인증
var connectionString = builder.Configuration.GetConnectionString("Default")