github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 07:53:49 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Improve redirect avoidance for /sso paths

Browse Source 
e6b3310577582fc702913ac084d41bdf7006439d was missing an ege case
where return url included current_hostname
This commit is contained in:
Sam
2018-11-09 17:03:42 +11:00
parent 7a53e0b186
commit 3ae4fcd1f7
2 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/session_controller.rb
View File

@ -162,7 +162,11 @@ class SessionController < ApplicationController
if return_path !~ /^\/[^\/]/ if return_path !~ /^\/[^\/]/
begin begin
uri = URI(return_path) uri = URI(return_path)
return_path = path("/") unless SiteSetting.sso_allows_all_return_paths || uri.host == Discourse.current_hostname if (uri.hostname == Discourse.current_hostname)
return_path = uri.request_uri
elsif !SiteSetting.sso_allows_all_return_paths
return_path = path("/")
end
rescue rescue
return_path = path("/") return_path = path("/")
end end

9
spec/requests/session_controller_spec.rb
View File

@ -311,6 +311,15 @@ RSpec.describe SessionController do
get "/session/sso_login", params: Rack::Utils.parse_query(sso.payload), headers: headers get "/session/sso_login", params: Rack::Utils.parse_query(sso.payload), headers: headers
expect(response).to redirect_to('/') expect(response).to redirect_to('/')
sso = get_sso("http://#{Discourse.current_hostname}/sso?bla=1")
sso.email = user.email
sso.external_id = 'abc'
sso.username = 'sam'
get "/session/sso_login", params: Rack::Utils.parse_query(sso.payload), headers: headers
expect(response).to redirect_to('/')
end end
it 'can take over an account' do it 'can take over an account' do