Skip to content
Permalink
Browse files
Return URL to disallow external links
  • Loading branch information
rxtur committed Oct 25, 2021
1 parent b14e98e commit e0301d4ef8099ab9cb2dc636c692aabf209dc767
Showing with 4 additions and 1 deletion.
  1. +3 −0 src/Blogifier.Admin/Pages/Account/Login.razor.cs
  2. +1 −1 src/Blogifier/Controllers/HomeController.cs
@@ -19,6 +19,9 @@ public async Task LoginUser()
if (QueryHelpers.ParseQuery(uri.Query).TryGetValue("returnUrl", out var param))
returnUrl = param.First();

if(returnUrl.StartsWith("http"))
returnUrl = "admin/";

var result = await Http.PostAsJsonAsync<LoginModel>("api/author/login", model);

if (result.IsSuccessStatusCode)
@@ -63,7 +63,7 @@ public async Task<IActionResult> Index(string slug)
[HttpGet("/admin")]
public async Task<IActionResult> Admin()
{
return File("~/index.html", "text/html");
return await Task.FromResult(File("~/index.html", "text/html"));
}

[HttpPost]

0 comments on commit e0301d4

Please sign in to comment.