projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e0760fd) | patch
Bug 31699: (follow-up) Protect more against open redirects
authorDavid Cook <dcook@prosentient.com.au>
Thu, 10 Nov 2022 00:00:37 +0000 (00:00 +0000)
committerTomas Cohen Arazi <tomascohen@theke.io>
Thu, 9 Feb 2023 13:21:31 +0000 (10:21 -0300)
commit37ced7df0531accb4f091c78258ff98946d062c9
treef51bad139ec1e503f90543ce2a496f0b84fbb11btree | snapshot
parente0760fd1851abc4a94a924bcf30e775c8e97da2acommit | diff
Bug 31699: (follow-up) Protect more against open redirects

This change checks that the OPACBaseURL exists, and uses its scheme
and authority to rewrite the URL passed through the "return"
param.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
opac/opac-user.pl diff | blob | history
Main Koha release repository