mirror of
https://github.com/lidarr/Lidarr
synced 2024-12-22 07:42:28 +00:00
Fixed: Limit redirects after login to local paths
(cherry picked from commit 14005d8d1054eafaba808337a109d5812f3e79e6)
This commit is contained in:
parent
963ffbea4e
commit
5fed16c38a
1 changed files with 1 additions and 1 deletions
|
@ -47,7 +47,7 @@ public async Task<IActionResult> Login([FromForm] LoginResource resource, [FromQ
|
|||
|
||||
await HttpContext.SignInAsync(AuthenticationType.Forms.ToString(), new ClaimsPrincipal(new ClaimsIdentity(claims, "Cookies", "user", "identifier")), authProperties);
|
||||
|
||||
if (returnUrl.IsNullOrWhiteSpace())
|
||||
if (returnUrl.IsNullOrWhiteSpace() || !Url.IsLocalUrl(returnUrl))
|
||||
{
|
||||
return Redirect(_configFileProvider.UrlBase + "/");
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue