[Koha-bugs] [Bug 31699] Add a generic way to redirect back to the page you were on at login for modal logins
bugzilla-daemon at bugs.koha-community.org
Thu Nov 10 00:22:18 CET 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31699
--- Comment #28 from David Cook <dcook at prosentient.com.au> ---
Comment on attachment 143469
--> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=143469
Bug 31699: (follow-up) Protect against unauthorized redirects
Review of attachment 143469:
--> (https://bugs.koha-community.org/bugzilla3/page.cgi?id=splinter.html&bug=31699&attachment=143469)
-----------------------------------------------------------------
::: opac/opac-user.pl
@@ +428,5 @@
> # back to the page we triggered the login from
> my $return = $query->param('return');
> if ( $return ) {
> + my $uri = C4::Context->preference('OPACBaseURL');
> + $uri .= $return;
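Review bot: the `$uri .= $return;` line still uses the `return` parameter unvalidated, and the protection depends entirely on `OPACBaseURL` being set; when that preference is empty, `$uri` is just `$return`, so an absolute or protocol-relative value such as `//host/...` would be followed as-is. Suggest validating `$return` itself before concatenation (reject anything carrying a scheme or authority and require a site-relative path, or match against known OPAC page paths) rather than relying on the prefix to neutralise it.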
If OPACBaseURL isn't set, which happens more often than I'd like, this would
still be vulnerable to open redirects.
I was thinking that we'd re-write the URL using the URI module.
Today, I thought we could potentially get away with nuking the "scheme" and
"authority", but then I figured out a URL trick to get it to redirect to a
malicious URL.
So I think we need to do a bit more validation. I'll write up a quick patch.
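As an added example (not part of the patch under review and not Koha's own code), here is one way the `return` parameter could be validated before it is used as a redirect target; the `safe_return_url` name, the constructed sample inputs and the fallback behaviour when OPACBaseURL is empty are assumptions:

```perl
use strict;
use warnings;
use URI;

# Added example (not Koha code): decide whether a 'return' parameter may be
# used as a post-login redirect. Returns the URL to redirect to on success,
# or undef when the value must be discarded. $base is assumed to hold the
# OPACBaseURL preference, which may be empty.
sub safe_return_url {
    my ( $return, $base ) = @_;
    return undef unless defined $return && length $return;

    # Reject control characters, whitespace and backslashes: they enable
    # header injection and browser-side "/\host" normalisation to "//host".
    return undef if $return =~ /[\\\x00-\x20\x7f]/;

    # Require a site-relative path: exactly one leading slash, never "//host".
    return undef unless $return =~ m{^/(?!/)};

    my $rel = URI->new($return);
    # Defence in depth: a site-relative path carries no scheme or authority.
    return undef if defined $rel->scheme || defined $rel->authority;

    if ( defined $base && length $base ) {
        my $base_uri = URI->new($base);
        # An OPACBaseURL without a usable host cannot anchor the redirect.
        return undef unless $base_uri->can('host') && defined $base_uri->host;
        my $abs = URI->new_abs( $return, $base_uri );
        # After resolution the target must still live on the OPAC host.
        return undef unless $abs->can('host') && defined $abs->host
            && lc $abs->host eq lc $base_uri->host;
        return $abs->as_string;
    }
    # With no base URL configured, redirect to the validated relative path only.
    return $rel->as_string;
}

# Constructed samples: only the site-relative path is accepted.
for my $candidate ( '/cgi-bin/koha/opac-user.pl', '//evil.example/',
                    'https://evil.example/', "/foo\r\nSet-Cookie: x=1" ) {
    my $target = safe_return_url( $candidate, 'https://opac.example.org' );
    printf "%-32s -> %s\n", $candidate =~ s/[\r\n]/?/gr,
        defined $target ? $target : '(rejected)';
}
```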