Backup_Repos/Sonarr
1
0
Fork 0
mirror of https://github.com/Sonarr/Sonarr synced 2026-05-08 21:21:47 +02:00
Code Issues Projects Releases Wiki Activity

Fixed: Limit redirects after login to local paths

Browse source
This commit is contained in:
Mark McDowall 2024-08-20 14:46:36 -07:00 committed by Mark McDowall
parent da7d17f5e8
commit 14005d8d10
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/Sonarr.Http/Authentication/AuthenticationController.cs
View file

@ -47,7 +47,7 @@ public async Task<IActionResult> Login([FromForm] LoginResource resource, [FromQ
await HttpContext.SignInAsync(AuthenticationType.Forms.ToString(), new ClaimsPrincipal(new ClaimsIdentity(claims, "Cookies", "user", "identifier")), authProperties);
if (returnUrl.IsNullOrWhiteSpace())
if (returnUrl.IsNullOrWhiteSpace() || !Url.IsLocalUrl(returnUrl))
{
return Redirect(_configFileProvider.UrlBase + "/");
}