AntiPattern
Host-Sensitive Auth Misrouting
host-sensitive-auth-misrouting
Auth credentials and session state get reused across scheme/host/port or redirect boundaries, so NGINX/proxy or client redirects send the wrong cookies/headers to a different origin, producing 3xx/502 failures and broken page/auth semantics.