From 20bf0e8a65595525e54ae6bf796d971524e994e7 Mon Sep 17 00:00:00 2001
From: Dimitri Huisman
Date: Sat, 18 Mar 2023 08:40:45 +0000
Subject: [PATCH] Add fix for wrong redirect in proxy scenario and accessing WEBROOT_REDIRECT
---
 core/admin/mailu/sso/views/base.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/admin/mailu/sso/views/base.py b/core/admin/mailu/sso/views/base.py
index 80d1383c..9f50da7d 100644
--- a/core/admin/mailu/sso/views/base.py
+++ b/core/admin/mailu/sso/views/base.py
@@ -79,7 +79,7 @@ Redirect to the url passed in parameter if any; Ensure that this is not an open-
 https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html
 """
 def _has_usable_redirect():
- if 'homepage' in flask.request.url:
+ if 'homepage' in flask.request.url and not (flask.request.headers.get(app.config['PROXY_AUTH_HEADER']) and not 'noproxyauth'):
 return None
 if url := flask.request.args.get('url'):
 url = url_unquote(url)
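Review bot: The clause added to the `if 'homepage' in flask.request.url ...` guard cannot change behaviour, because `not 'noproxyauth'` negates a non-empty string literal and is therefore always `False`. The parenthesised expression is then always falsy, and the condition reduces to the old `'homepage' in flask.request.url`. If the intent was to skip the early `return None` only for proxy-authenticated requests that do not carry a `noproxyauth` marker, the literal needs something to be compared against, presumably the request URL or its arguments, e.g. `'noproxyauth' not in flask.request.url`. Since this guard decides whether the `url` parameter is considered as a redirect target at all, it is also worth confirming that the front end strips client-supplied copies of the `PROXY_AUTH_HEADER` header, so that the header's presence is not controlled by the requester. The rest of `_has_usable_redirect`, including whatever validation the docstring's open-redirect remark refers to, lies outside this hunk.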