Merge pull request #318 from boydgreenfield/develop

Prevent open redirects when a malformed URL is passed to ?next=
Matt Wright
2014-10-13 11:54:32 -04:00
2 changed files with 7 additions and 1 deletions
+1 -1
@@ -212,7 +212,7 @@ def validate_redirect_url(url):
return False
url_next = urlsplit(url)
url_base = urlsplit(request.host_url)
if url_next.netloc and url_next.netloc != url_base.netloc:
if (url_next.netloc or url_next.scheme) and url_next.netloc != url_base.netloc:
return False
return True
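Review bot: The new condition on the `if` line still parses the raw `url`, so a `next` value whose only separators are backslashes yields an empty netloc and scheme and is accepted, although common browsers normalise backslashes to slashes before resolving a redirect; parsing a normalised copy, `url_next = urlsplit(url.replace('\\', '/'))`, closes that gap the way Django's redirect-safety helper does. The `url_next.scheme` test is surprising on its own and deserves a why-comment such as `# a scheme with an empty netloc (e.g. http:///host) is still an absolute URL to browsers`. The netloc comparison is also case-sensitive while hostnames are not, so a differently-cased reference to the site's own host is refused rather than accepted — harmless, but `url_next.netloc.lower() != url_base.netloc.lower()` would make the intent explicit. validate_redirect_url starts outside the hunk.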
+6
@@ -40,6 +40,12 @@ def test_authenticate_with_invalid_next(client, get_message):
assert get_message('INVALID_REDIRECT') in response.data
def test_authenticate_with_invalid_malformed_next(client, get_message):
data = dict(email='matt@lp.com', password='password')
response = client.post('/login?next=http:///google.com', data=data)
assert get_message('INVALID_REDIRECT') in response.data
def test_authenticate_case_insensitive_email(app, client):
response = authenticate(client, 'MATT@lp.com', follow_redirects=True)
assert b'Hello matt@lp.com' in response.data
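Review bot: test_authenticate_with_invalid_malformed_next asserts only that the INVALID_REDIRECT message is rendered, not that no redirect to the external host was issued, so a later change that emits the message and still redirects would pass; `assert b'google.com' not in response.headers.get('Location', '').encode()` pins the property the commit is actually about. The single `http:///google.com` input could be parametrized over the other shapes the validator refuses (a protocol-relative `//host` and a URL with a scheme but a foreign host) so that a regression in either half of the new condition is caught. test_authenticate_with_invalid_next starts outside the hunk.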