백채널 로그아웃 URI 허용 범위 확장

2026-05-06 14:09:21 +09:00
parent 2cba9c9c1f
commit 3e8adbfbfd
4 changed files with 47 additions and 8 deletions
--- a/devfront/src/locales/en.toml
+++ b/devfront/src/locales/en.toml
@@ -435,7 +435,7 @@ help = "Enter the redirect URIs. You can modify them in the Federation tab after

 [msg.dev.clients.general.backchannel_logout]
 uri_help = "RP endpoint that receives Baron's session termination event via server-to-server POST."
-invalid = "The Back-Channel Logout URI format is invalid. Production requires https, and local development only allows http on localhost/127.0.0.1."
+invalid = "The Back-Channel Logout URI format is invalid. Production requires https, and local development only allows http on localhost/127.0.0.1, host.docker.internal, Docker service names, and private IPs."
 session_required_help = "Use this when the RP should process logout_token only if the sid claim is included."
 session_required_on = "On: process logout only when the logout_token contains a sid."
 session_required_off = "Off: process logout using sub even if sid is missing."
--- a/devfront/src/locales/ko.toml
+++ b/devfront/src/locales/ko.toml
@@ -435,7 +435,7 @@ help = "인증 후 리다이렉트될 URI를 입력하세요. 생성 후 연동

 [msg.dev.clients.general.backchannel_logout]
 uri_help = "Baron이 세션 종료 이벤트를 서버 간 POST로 전달할 RP endpoint입니다."
-invalid = "Back-Channel Logout URI 형식이 올바르지 않습니다. 운영 환경은 https, 로컬 개발 환경은 localhost/127.0.0.1의 http만 허용됩니다."
+invalid = "Back-Channel Logout URI 형식이 올바르지 않습니다. 운영 환경은 https를 사용하고, 로컬 개발 환경은 localhost/127.0.0.1, host.docker.internal, Docker 서비스명, 사설 IP의 http만 허용됩니다."
 session_required_help = "RP가 logout_token에 sid claim이 포함된 경우에만 처리하도록 요구할 때 사용합니다."
 session_required_on = "켜면: logout_token 안에 sid가 있을 때만 로그아웃 처리"
 session_required_off = "끄면: sid가 없어도 sub만으로 로그아웃 처리 가능"