fix: allow for mismatching protocol in trusted domain check - ui warnings

This commit is contained in:
Stavros
2026-07-18 18:06:26 +03:00
parent 6efb970673
commit d6087dc45e
2 changed files with 1 additions and 7 deletions
-4
View File
@@ -114,10 +114,6 @@ export const isTrustedDomain = (
return false;
}
if (url.protocol != appUrl.protocol) {
return false;
}
if (getEffectivePort(url) != getEffectivePort(appUrl)) {
return false;
}
+1 -3
View File
@@ -313,8 +313,7 @@ func (controller *OAuthController) getCookieDomain() string {
func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
v := validators.NewDomainValidator(validators.DomainValidatorOptions{
WithScheme: true,
WithPort: true,
WithPort: true,
})
_, err := v.SafeHostname(controller.runtime.AppURL)
@@ -333,7 +332,6 @@ func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
controller.log.App.Debug().Err(err).Msg("Failed to validate redirect URI")
if errors.Is(err, validators.ErrInvalidURL) ||
errors.Is(err, validators.ErrSchemeMismatch) ||
errors.Is(err, validators.ErrPortMismatch) {
return false
}