New translations en.json (Portuguese, Brazilian) (#474 )

feat: log unsafe redirect uri in oauth controller
2025-12-08 01:06:34 +00:00 · 2025-11-23 14:10:12 +02:00 · 2025-11-23 14:06:35 +02:00
2 changed files with 8 additions and 2 deletions
--- a/frontend/src/lib/i18n/locales/pt-BR.json
+++ b/frontend/src/lib/i18n/locales/pt-BR.json
@@ -59,4 +59,4 @@
    "domainWarningSubtitle": "Esta instância está configurada para ser acessada de <code>{{appUrl}}</code>, mas <code>{{currentUrl}}</code> está sendo usado. Se você continuar, você pode encontrar problemas com a autenticação.",
    "ignoreTitle": "Ignorar",
    "goToCorrectDomainTitle": "Ir para o domínio correto"
-}
+}
--- a/internal/controller/oauth_controller.go
+++ b/internal/controller/oauth_controller.go
@@ -78,8 +78,14 @@ func (controller *OAuthController) oauthURLHandler(c *gin.Context) {
 	c.SetCookie(controller.config.CSRFCookieName, state, int(time.Hour.Seconds()), "/", fmt.Sprintf(".%s", controller.config.CookieDomain), controller.config.SecureCookie, true)

 	redirectURI := c.Query("redirect_uri")
+	isRedirectSafe := utils.IsRedirectSafe(redirectURI, controller.config.CookieDomain)

-	if redirectURI != "" && utils.IsRedirectSafe(redirectURI, controller.config.CookieDomain) {
+	if !isRedirectSafe {
+		log.Warn().Str("redirect_uri", redirectURI).Msg("Unsafe redirect URI detected, ignoring")
+		redirectURI = ""
+	}
+
+	if redirectURI != "" && isRedirectSafe {
 		log.Debug().Msg("Setting redirect URI cookie")
 		c.SetCookie(controller.config.RedirectCookieName, redirectURI, int(time.Hour.Seconds()), "/", fmt.Sprintf(".%s", controller.config.CookieDomain), controller.config.SecureCookie, true)
 	}
Author	SHA1	Message	Date
Stavros	8a3f2080c6	New translations en.json (Portuguese, Brazilian) (#474 )	2025-11-23 14:10:12 +02:00
Stavros	641b9aa531	feat: log unsafe redirect uri in oauth controller	2025-11-23 14:06:35 +02:00