Add fix for wrong redirect in proxy scenario and accessing WEBROOT_REDIRECT

main
Dimitri Huisman 2 years ago
parent 29bfc9dd9d
commit 20bf0e8a65
No known key found for this signature in database

@ -79,7 +79,7 @@ Redirect to the url passed in parameter if any; Ensure that this is not an open-
https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html
""" """
def _has_usable_redirect(): def _has_usable_redirect():
if 'homepage' in flask.request.url: if 'homepage' in flask.request.url and not (flask.request.headers.get(app.config['PROXY_AUTH_HEADER']) and not 'noproxyauth'):
return None return None
if url := flask.request.args.get('url'): if url := flask.request.args.get('url'):
url = url_unquote(url) url = url_unquote(url)

Loading…
Cancel
Save