diff options
author | wxiaoguang <wxiaoguang@gmail.com> | 2024-03-21 20:02:34 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-03-21 12:02:34 +0000 |
commit | 01500957c29f6bfa2396b8457dbb0645edaafa99 (patch) | |
tree | b5910bfb189c687654b394c22a44ddef1857342c /routers/web/auth | |
parent | 0b4ff15356769db092fd7718da553e8a216c32fa (diff) | |
download | gitea-01500957c29f6bfa2396b8457dbb0645edaafa99.tar.gz gitea-01500957c29f6bfa2396b8457dbb0645edaafa99.zip |
Refactor URL detection (#29960)
"Redirect" functions should only redirect if the target is for current Gitea site.
Diffstat (limited to 'routers/web/auth')
-rw-r--r-- | routers/web/auth/auth.go | 6 | ||||
-rw-r--r-- | routers/web/auth/oauth.go | 2 | ||||
-rw-r--r-- | routers/web/auth/password.go | 2 |
3 files changed, 5 insertions, 5 deletions
diff --git a/routers/web/auth/auth.go b/routers/web/auth/auth.go index da6bef207a..ab81740e3f 100644 --- a/routers/web/auth/auth.go +++ b/routers/web/auth/auth.go @@ -133,7 +133,7 @@ func RedirectAfterLogin(ctx *context.Context) { if setting.LandingPageURL == setting.LandingPageLogin { nextRedirectTo = setting.AppSubURL + "/" // do not cycle-redirect to the login page } - ctx.RedirectToFirst(redirectTo, nextRedirectTo) + ctx.RedirectToCurrentSite(redirectTo, nextRedirectTo) } func CheckAutoLogin(ctx *context.Context) bool { @@ -371,7 +371,7 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember, obeyRe if redirectTo := ctx.GetSiteCookie("redirect_to"); len(redirectTo) > 0 && !utils.IsExternalURL(redirectTo) { middleware.DeleteRedirectToCookie(ctx.Resp) if obeyRedirect { - ctx.RedirectToFirst(redirectTo) + ctx.RedirectToCurrentSite(redirectTo) } return redirectTo } @@ -808,7 +808,7 @@ func handleAccountActivation(ctx *context.Context, user *user_model.User) { ctx.Flash.Success(ctx.Tr("auth.account_activated")) if redirectTo := ctx.GetSiteCookie("redirect_to"); len(redirectTo) > 0 { middleware.DeleteRedirectToCookie(ctx.Resp) - ctx.RedirectToFirst(redirectTo) + ctx.RedirectToCurrentSite(redirectTo) return } diff --git a/routers/web/auth/oauth.go b/routers/web/auth/oauth.go index d5ca7397f0..3189d1372e 100644 --- a/routers/web/auth/oauth.go +++ b/routers/web/auth/oauth.go @@ -1157,7 +1157,7 @@ func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model if redirectTo := ctx.GetSiteCookie("redirect_to"); len(redirectTo) > 0 { middleware.DeleteRedirectToCookie(ctx.Resp) - ctx.RedirectToFirst(redirectTo) + ctx.RedirectToCurrentSite(redirectTo) return } diff --git a/routers/web/auth/password.go b/routers/web/auth/password.go index c9e0386041..3af8b7edf2 100644 --- a/routers/web/auth/password.go +++ b/routers/web/auth/password.go @@ -314,7 +314,7 @@ func MustChangePasswordPost(ctx *context.Context) { if redirectTo := ctx.GetSiteCookie("redirect_to"); len(redirectTo) > 0 && !utils.IsExternalURL(redirectTo) { middleware.DeleteRedirectToCookie(ctx.Resp) - ctx.RedirectToFirst(redirectTo) + ctx.RedirectToCurrentSite(redirectTo) return } |