msb-public
/
wiki
mirror of https://github.com/requarks/wiki
1
0
Code Issues Projects Releases Wiki Activity

Merge pull request #1 from vasanth3008/vasanth3008-saml

Browse Source 
Use RelayState for login redirect fallback
pull/7931/head
VASANTH K 1 week ago committed by GitHub
parent d14b0a5509 1455324ac2
commit 7ce06dceba
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
server/controllers/auth.js
Unescape View File

@ -72,7 +72,7 @@ router.all('/login/:strategy/callback', async (req, res, next) => {
}, { req, res })
res.cookie('jwt', authResult.jwt, commonHelper.getCookieOpts())
const loginRedirect = req.cookies['loginRedirect']
const loginRedirect = req.cookies['loginRedirect'] ?? decodeURI(req.body.RelayState)
const isValidRedirect = loginRedirect && loginRedirect.startsWith('/') && !loginRedirect.startsWith('//') && !loginRedirect.includes('://')
if (loginRedirect === '/' && authResult.redirect) {
res.clearCookie('loginRedirect')

Write Preview
Loading…
Cancel
Save