Fix open redirect (#519)

The funny thing is that we don't even use this anywhere, and the
referrer is useless on forms. But hey, maybe someday.
TheAMM 2018-09-16 21:14:25 +03:00
parent 8c892f09cc
commit b2ddba994c
1 changed files with 15 additions and 7 deletions


@ -211,14 +211,22 @@ def profile():
def redirect_url():
home_url = flask.url_for('main.home')
next_url = flask.request.args.get('next', '')
referrer = flask.request.referrer or ''
url = flask.request.args.get('next') or \
flask.request.referrer or \
home_url
if url == flask.request.url:
return home_url
return url
target_url = (
# Use ?next= param if it's a local (/foo/bar) path
(next_url.startswith('/') and next_url) or
# Use referrer if it's on our own host
(referrer.startswith(flask.request.host_url) and referrer)
)
# Return the target, avoiding infinite loops
if target_url and target_url != flask.request.url:
return target_url
# Default to index
return flask.url_for('main.home')
def send_verification_email(user):
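Review bot: The `next_url.startswith('/')` test on the "Use ?next= param" line still accepts a protocol-relative value such as `//other-host/path`, which browsers resolve to a different origin, so the open redirect this commit is meant to close remains reachable through `?next=`. Tightening it to `(next_url.startswith('/') and not next_url.startswith('//') and next_url) or` closes that case; a stricter variant parses the value with `urllib.parse.urlparse` and accepts it only when both `scheme` and `netloc` are empty, which also covers the backslash forms some browsers normalise to `//`. The referrer branch looks sound only because `flask.request.host_url` carries its trailing slash, so a longer host name cannot satisfy the prefix match; that assumption deserves a comment, e.g. `# host_url ends with '/', so a prefix match means same scheme and host`. redirect_url is complete within the hunk.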