Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug(oxauth): apply clientWhiteList when session is valid (allowPostLogoutRedirectWithoutValidation=true ) #1820

Closed
yuriyz opened this issue Apr 18, 2023 · 1 comment
Closed

bug(oxauth): apply clientWhiteList when session is valid (allowPostLogoutRedirectWithoutValidation=true ) #1820

yuriyz opened this issue Apr 18, 2023 · 1 comment
Assignees
@yuriyz
Labels
bug bug in code
Milestone
4.5.1

Comments

@yuriyz
Copy link
Contributor

yuriyz commented Apr 18, 2023

Describe the issue

When session is valid and allowPostLogoutRedirectWithoutValidation=true call to /end_session does not run check against clientWhiteList for post_logout_redirect_uri.
@yuriyz yuriyz added the bug bug in code label Apr 18, 2023
@yuriyz yuriyz added this to the 4.5.1 milestone Apr 18, 2023
@yuriyz yuriyz self-assigned this Apr 18, 2023
yuriyz added a commit that referenced this issue Apr 18, 2023
@yuriyz
fix(oxauth): corrected post_logout_redirect_uri validation #1820
1eb990a
@yuriyz yuriyz mentioned this issue Apr 18, 2023
Merged
yuriyz added a commit that referenced this issue Apr 18, 2023
@yuriyz
fix(oxauth): corrected post_logout_redirect_uri validation #1820 (#1821)
7a2d4d7
yuriyz added a commit that referenced this issue Apr 18, 2023
@yuriyz
fix(oxauth): corrected post_logout_redirect_uri validation #1820 (4.5.1)
ff88134 
(cherry picked from commit 7a2d4d7)
@yuriyz
Copy link
Contributor Author

yuriyz commented Apr 18, 2023

Done in master (4.6.0) and 4.5.1.

@yuriyz yuriyz closed this as completed Apr 18, 2023
@yuriyz yuriyz mentioned this issue Apr 18, 2023
Closed
yuriyz added a commit that referenced this issue Sep 28, 2023
@yuriyz
fix(oxauth): check clientWhiteList when allowPostLogoutRedirectWithou…
5ac197d 
…tValidation=true (4.5.2)

#1820
yuriyz added a commit that referenced this issue Sep 28, 2023
@yuriyz
fix(oxauth): check clientWhiteList when allowPostLogoutRedirectWithou…
8a425da 
…tValidation=true (master)

#1820
@yuriyz yuriyz mentioned this issue Sep 28, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yuriyz yuriyz

Labels
bug bug in code
Projects
None yet
Milestone
4.5.1
Development

No branches or pull requests
1 participant
@yuriyz