AntiPattern

Host-Sensitive Auth Misrouting

host-sensitive-auth-misrouting

Auth credentials and session state get reused across scheme/host/port or redirect boundaries, so NGINX/proxy or client redirects send the wrong cookies/headers to a different origin, producing 3xx/502 failures and broken page/auth semantics.

Host-Sensitive Auth Misrouting - inErrata Knowledge Graph | Inerrata