CH-273 access denied mitigation: auto hard reload once

filippomc · filippomc · commit cda436562b58 · 2026-05-19T13:23:57.000+02:00
diff --git a/deployment-configuration/helm/templates/auto-gatekeepers.yaml b/deployment-configuration/helm/templates/auto-gatekeepers.yaml
@@ -72,7 +72,30 @@ data:
       <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
       <script src="https://code.jquery.com/jquery-1.11.3.min.js"></script>
       <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
+      <script>
+        (function () {
+          var cookieName = "ch_403_reloaded";
+          var queryFlag = "gk403reloaded=1";
+          var hasQueryFlag = window.location.search.indexOf(queryFlag) !== -1;
+          var hasCookie = document.cookie.indexOf(cookieName + "=1") !== -1;
+
+          // Force one hard reload only once, then stop to avoid loops.
+          if (!hasQueryFlag && !hasCookie) {
+            var separator = window.location.search ? "&" : "?";
+            var reloadUrl = window.location.pathname + window.location.search + separator + queryFlag + window.location.hash;
+            document.cookie = cookieName + "=1; path=/; max-age=120; SameSite=Lax";
+            window.location.replace(reloadUrl);
+            return;
+          }
+
+          // Show content only when not redirecting.
+          document.documentElement.style.visibility = "visible";
+        })();
+      </script>
       <style>
+        html {
+          visibility: hidden;
+        }
         .oops {
           font-size: 9em;
           letter-spacing: 2px;
