fix: use case insensitive check in the oauth controller

This commit is contained in:
Stavros
2026-06-21 16:53:31 +03:00
parent 21877190e4
commit d87be8676c
+2 -2
View File
@@ -335,7 +335,7 @@ func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
return false return false
} }
if u.Host == au.Host { if strings.EqualFold(u.Host, au.Host) {
return true return true
} }
@@ -343,7 +343,7 @@ func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
return false return false
} }
if strings.HasSuffix(u.Host, "."+au.Host) { if strings.HasSuffix(strings.ToLower(u.Host), "."+strings.ToLower(controller.runtime.CookieDomain)) {
return true return true
} }