Skip to content

Commit

Permalink
Merge pull request from GHSA-qqxw-m5fj-f7gv
Browse files Browse the repository at this point in the history
check for /\ redirects
  • Loading branch information
starkers authored Jan 29, 2020
2 parents fc59a6d + e21f098 commit a316f8a
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
- DigitalOcean provider support added

## Important Notes
N/A
- (Security) Fix for open redirect vulnerability.. a bad actor using `/\` in redirect URIs can redirect a session to another domain

## Breaking Changes

Expand Down
2 changes: 1 addition & 1 deletion oauthproxy.go
Original file line number Diff line number Diff line change
Expand Up @@ -558,7 +558,7 @@ func validOptionalPort(port string) bool {
// IsValidRedirect checks whether the redirect URL is whitelisted
func (p *OAuthProxy) IsValidRedirect(redirect string) bool {
switch {
case strings.HasPrefix(redirect, "/") && !strings.HasPrefix(redirect, "//"):
case strings.HasPrefix(redirect, "/") && !strings.HasPrefix(redirect, "//") && !strings.HasPrefix(redirect, "/\\"):
return true
case strings.HasPrefix(redirect, "http://") || strings.HasPrefix(redirect, "https://"):
redirectURL, err := url.Parse(redirect)
Expand Down

0 comments on commit a316f8a

Please sign in to comment.