diff --git a/frontend/src/lib/hooks/redirect-uri.ts b/frontend/src/lib/hooks/redirect-uri.ts index 920a13a5..f7048ffe 100644 --- a/frontend/src/lib/hooks/redirect-uri.ts +++ b/frontend/src/lib/hooks/redirect-uri.ts @@ -114,10 +114,6 @@ export const isTrustedDomain = ( return false; } - if (url.protocol != appUrl.protocol) { - return false; - } - if (getEffectivePort(url) != getEffectivePort(appUrl)) { return false; } diff --git a/internal/controller/oauth_controller.go b/internal/controller/oauth_controller.go index afaa0120..00eae837 100644 --- a/internal/controller/oauth_controller.go +++ b/internal/controller/oauth_controller.go @@ -313,8 +313,7 @@ func (controller *OAuthController) getCookieDomain() string { func (controller *OAuthController) isRedirectSafe(redirectURI string) bool { v := validators.NewDomainValidator(validators.DomainValidatorOptions{ - WithScheme: true, - WithPort: true, + WithPort: true, }) _, err := v.SafeHostname(controller.runtime.AppURL) @@ -333,7 +332,6 @@ func (controller *OAuthController) isRedirectSafe(redirectURI string) bool { controller.log.App.Debug().Err(err).Msg("Failed to validate redirect URI") if errors.Is(err, validators.ErrInvalidURL) || - errors.Is(err, validators.ErrSchemeMismatch) || errors.Is(err, validators.ErrPortMismatch) { return false }