fix: use runtime trusted uris in oauth controller

2026-06-18 01:10:12 +00:00 · 2026-06-17 12:33:09 +03:00
parent a9face749d
commit e7d26f497d
5 changed files with 125 additions and 79 deletions
@@ -2,7 +2,6 @@ package utils

 import (
 	"errors"
-	"fmt"
 	"net"
 	"net/url"
 	"strings"
@@ -88,23 +87,3 @@ func Filter[T any](slice []T, test func(T) bool) (res []T) {
 	}
 	return res
 }
-
-func IsRedirectSafe(redirectURL string, domain string) bool {
-	if redirectURL == "" {
-		return false
-	}
-
-	parsed, err := url.Parse(redirectURL)
-
-	if err != nil {
-		return false
-	}
-
-	hostname := parsed.Hostname()
-
-	if strings.HasSuffix(hostname, fmt.Sprintf(".%s", domain)) {
-		return true
-	}
-
-	return hostname == domain
-}