mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-07-19 08:21:20 +00:00
fix: allow for mismatching protocol in trusted domain check - ui warnings
This commit is contained in:
@@ -114,10 +114,6 @@ export const isTrustedDomain = (
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (url.protocol != appUrl.protocol) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (getEffectivePort(url) != getEffectivePort(appUrl)) {
|
if (getEffectivePort(url) != getEffectivePort(appUrl)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -313,8 +313,7 @@ func (controller *OAuthController) getCookieDomain() string {
|
|||||||
|
|
||||||
func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
|
func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
|
||||||
v := validators.NewDomainValidator(validators.DomainValidatorOptions{
|
v := validators.NewDomainValidator(validators.DomainValidatorOptions{
|
||||||
WithScheme: true,
|
WithPort: true,
|
||||||
WithPort: true,
|
|
||||||
})
|
})
|
||||||
|
|
||||||
_, err := v.SafeHostname(controller.runtime.AppURL)
|
_, err := v.SafeHostname(controller.runtime.AppURL)
|
||||||
@@ -333,7 +332,6 @@ func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
|
|||||||
controller.log.App.Debug().Err(err).Msg("Failed to validate redirect URI")
|
controller.log.App.Debug().Err(err).Msg("Failed to validate redirect URI")
|
||||||
|
|
||||||
if errors.Is(err, validators.ErrInvalidURL) ||
|
if errors.Is(err, validators.ErrInvalidURL) ||
|
||||||
errors.Is(err, validators.ErrSchemeMismatch) ||
|
|
||||||
errors.Is(err, validators.ErrPortMismatch) {
|
errors.Is(err, validators.ErrPortMismatch) {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user