fix(authz): Fixed issue with validating workspace ID in cookie (!28) · Merge requests · GitLab.org / Remote Development / gitlab-workspaces-proxy

Shekhar Patnaik requested to merge spatnaik/fix_issue_with_validation_of_workspaceID into main May 02, 2023

At the moment when we validate the cookie that has been set, we do not validate whether the cookie has been set for the right workspace. Therefore if someone has already authenticated into a workspace, they could get in to another workspace without having to go through authorization. This fix takes care of that scenario.

Fixed tests
Fixed validation of workspace ID in cookie

Edited May 02, 2023 by Shekhar Patnaik

fix(authz): Fixed issue with validating workspace ID in cookie

Merge request reports