mirror/fosrl.pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-07-29 15:14:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

allow resource redirect if host is same

Browse source
This commit is contained in:
Milo Schwartz 2025-01-10 00:13:51 -05:00
parent fcc6cad6d7
commit c3d19454f7
No known key found for this signature in database
2 changed files with 11 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

3
server/routers/badger/verifySession.ts
View file

@ -101,8 +101,7 @@ export async function verifyResourceSession(
return allowed(res);
}
// const redirectUrl = `${config.getRawConfig().app.dashboard_url}/auth/resource/${encodeURIComponent(resource.resourceId)}?redirect=${encodeURIComponent(originalRequestURL)}`;
const redirectUrl = `${config.getRawConfig().app.dashboard_url}/auth/resource/${encodeURIComponent(resource.resourceId)}`;
const redirectUrl = `${config.getRawConfig().app.dashboard_url}/auth/resource/${encodeURIComponent(resource.resourceId)}?redirect=${encodeURIComponent(originalRequestURL)}`;
if (!sessions) {
return notAllowed(res);

20
src/app/auth/resource/[resourceId]/page.tsx
View file

@ -56,16 +56,16 @@ export default async function ResourceAuthPage(props: {
}
let redirectUrl = authInfo.url;
// if (searchParams.redirect) {
// try {
// const serverResourceHost = new URL(authInfo.url).host;
// const redirectHost = new URL(searchParams.redirect).host;
//
// if (serverResourceHost === redirectHost) {
// redirectUrl = searchParams.redirect;
// }
// } catch (e) {}
// }
if (searchParams.redirect) {
try {
const serverResourceHost = new URL(authInfo.url).host;
const redirectHost = new URL(searchParams.redirect).host;
if (serverResourceHost === redirectHost) {
redirectUrl = searchParams.redirect;
}
} catch (e) {}
}
const hasAuth =
authInfo.password ||