From 43bd8b751073eba66ffa8f7f892b3165f4b3d70d Mon Sep 17 00:00:00 2001 From: Jonas Thelemann Date: Wed, 10 May 2023 02:41:52 +0200 Subject: [PATCH] fix(traefik-forward-auth): correct spelling mistake It's surely meant to be "feature". --- docs/docker-swarm/traefik-forward-auth/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/docker-swarm/traefik-forward-auth/index.md b/docs/docker-swarm/traefik-forward-auth/index.md index e0aaba4..59eda31 100644 --- a/docs/docker-swarm/traefik-forward-auth/index.md +++ b/docs/docker-swarm/traefik-forward-auth/index.md @@ -29,7 +29,7 @@ The advantage under this design is additional security. If I'm deploying a web a ## AuthHost mode -Under normal Oauth2 / OIDC auth, you have to tell your auth provider which URLs it may redirect an authenticated user back to, post-authentication. This is a security feture of the OIDC spec, preventing a malicious landing page from capturing your session and using it to impersonate you. When you're securing many URLs though, explicitly listing them can be a PITA. +Under normal Oauth2 / OIDC auth, you have to tell your auth provider which URLs it may redirect an authenticated user back to, post-authentication. This is a security feature of the OIDC spec, preventing a malicious landing page from capturing your session and using it to impersonate you. When you're securing many URLs though, explicitly listing them can be a PITA. [@thomaseddon's traefik-forward-auth](https://github.com/thomseddon/traefik-forward-auth) includes an ingenious mechanism to simulate an "_auth host_" in your OIDC authentication, so that you can protect an unlimited amount of DNS names (_with a common domain suffix_), without having to manually maintain a list.