+
-
+
{{ item }}
@@ -260,9 +259,8 @@ export default {
}
this.focus()
},
- removeItem(item, idx) {
- var remaining = this.selected.slice()
- remaining.splice(idx, 1)
+ removeItem(item) {
+ var remaining = this.selected.filter((i) => i !== item)
this.$emit('input', remaining)
this.$emit('removedItem', item)
this.$nextTick(() => {
diff --git a/server/auth/OidcAuthStrategy.js b/server/auth/OidcAuthStrategy.js
index 64ab82448..0780b7612 100644
--- a/server/auth/OidcAuthStrategy.js
+++ b/server/auth/OidcAuthStrategy.js
@@ -527,16 +527,7 @@ class OidcAuthStrategy {
// For absolute URLs, ensure they point to the same origin
const callbackUrlObj = new URL(callbackUrl)
- // NPM appends both http and https in x-forwarded-proto sometimes, so we need to check for both
- const xfp = (req.get('x-forwarded-proto') || '').toLowerCase()
- const currentProtocol =
- req.secure ||
- xfp
- .split(',')
- .map((s) => s.trim())
- .includes('https')
- ? 'https'
- : 'http'
+ const currentProtocol = req.secure || req.get('x-forwarded-proto') === 'https' ? 'https' : 'http'
const currentHost = req.get('host')
// Check if protocol and host match exactly