Skip to content

Commit

Permalink
Merge pull request bitly#194 from r4um/validate-state
Browse files Browse the repository at this point in the history 
Validate state param while redirecting.
  • Loading branch information
@jehiah
jehiah committed Jan 19, 2016
2 parents 613a342 + f957a1e commit d5a332c
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion oauthproxy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -476,7 +476,7 @@ func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) {
}

redirect := req.Form.Get("state")
if redirect == "" {
if !strings.HasPrefix(redirect, "/") {
redirect = "/"
}

Expand Down

0 comments on commit d5a332c

Please sign in to comment.