From 17019a90f1fe6e46f32c922076b5f4cf87796fbd Mon Sep 17 00:00:00 2001
From: Daniel Couso
Date: Mon, 11 May 2020 12:37:39 +0200
Subject: [PATCH] LPS-113314 Check url in Notifications
---
 .../web/internal/portlet/NotificationsPortlet.java | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/modules/apps/notifications/notifications-web/src/main/java/com/liferay/notifications/web/internal/portlet/NotificationsPortlet.java b/modules/apps/notifications/notifications-web/src/main/java/com/liferay/notifications/web/internal/portlet/NotificationsPortlet.java
index c26a1079dd48b6..167286cfe32c47 100644
--- a/modules/apps/notifications/notifications-web/src/main/java/com/liferay/notifications/web/internal/portlet/NotificationsPortlet.java
+++ b/modules/apps/notifications/notifications-web/src/main/java/com/liferay/notifications/web/internal/portlet/NotificationsPortlet.java
@@ -31,6 +31,7 @@
 import com.liferay.portal.kernel.servlet.SessionMessages;
 import com.liferay.portal.kernel.theme.ThemeDisplay;
 import com.liferay.portal.kernel.util.ParamUtil;
+import com.liferay.portal.kernel.util.Portal;
 import com.liferay.portal.kernel.util.ResourceBundleLoader;
 import com.liferay.portal.kernel.util.Validator;
 import com.liferay.portal.kernel.util.WebKeys;
@@ -399,6 +400,8 @@ private void _sendRedirect(
 String redirect = ParamUtil.getString(actionRequest, "redirect");
+ redirect = _portal.escapeRedirect(redirect);
+
 if (Validator.isNotNull(redirect)) {
 actionResponse.sendRedirect(redirect);
 }
@@ -438,6 +441,9 @@ private void _updateUserNotificationDelivery(
 userNotificationDeliveryId, deliver);
 }
+ @Reference
+ private Portal _portal;
+
 @Reference(target = "(bundle.symbolic.name=com.liferay.notifications.web)")
 private ResourceBundleLoader _resourceBundleLoader;
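Review bot: Nothing at the `_portal.escapeRedirect(redirect)` call in `_sendRedirect` says that it is the open-redirect guard for the request-supplied `redirect` parameter, and the method name reads like output encoding rather than validation. As far as I know `Portal.escapeRedirect` returns null for a target the portal's redirect security settings do not allow, so the guard relies on the `Validator.isNotNull(redirect)` check that follows; a comment such as `// escapeRedirect() returns null for targets outside the allowed redirect hosts; the isNotNull check below then skips the redirect` would make that dependency explicit. A rejected value is also dropped without any trace, so if this class already has a logger, a debug-level message on that path (with the value sanitized for log output) would let operators notice attempted abuse. `_sendRedirect` starts and ends outside this hunk, so what the action does after a skipped redirect is not visible here.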