fix: allow for all subdomains to be considered safe for redirection

Stavros
2025-11-04 17:58:56 +02:00
parent 57aca58de3
commit bb1ecd4183
2 changed files with 9 additions and 47 deletions


@@ -90,27 +90,19 @@ func IsRedirectSafe(redirectURL string, domain string) bool {
return false
}
parsedURL, err := url.Parse(redirectURL)
parsed, err := url.Parse(redirectURL)
if err != nil {
return false
}
if !parsedURL.IsAbs() {
return false
}
hostname := parsed.Hostname()
host := parsedURL.Hostname()
if host == domain {
if strings.HasSuffix(hostname, domain) {
return true
}
cookieDomain, err := GetCookieDomain(redirectURL)
if err != nil {
return false
}
return cookieDomain == domain
return hostname == domain
}
func GetLogLevel(level string) zerolog.Level {
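Review bot: The new check `strings.HasSuffix(hostname, domain)` accepts any host whose text ends with the configured domain, not only its subdomains, so a separately registered look-alike (constructed example: `notexample.com` against `example.com`) would count as a safe redirect target. Anchoring the match on a label boundary keeps the intent of the commit: `if hostname == domain || strings.HasSuffix(hostname, "."+domain) {`, after which the trailing `return hostname == domain` can simply be `return false`. The page has lost its +/- markers, so which lines are new is inferred from the rename to `parsed`; on that reading the `IsAbs()` guard is removed as well, and keeping it, or restricting the scheme to http/https, would be worth considering. The start of IsRedirectSafe lies above the hunk, so any earlier guard on an empty `domain` is not visible here.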