Fix open redirect in Horizon.

LP 1039077. Disallow login redirects to anywhere other than the same origin.

Change-Id: I36e8e4f30cf440ecc73534af38fcd8d2a111a603
commit 35eada8a27323c0f83c400177797927aba6bc99b 1 parent 648b078
@PaulMcMillan PaulMcMillan authored russellb committed
Showing with 8 additions and 1 deletion.
  1. +8 −1 horizon/views/auth_forms.py
9 horizon/views/auth_forms.py
@@ -28,6 +28,7 @@
from django.conf import settings
from django.contrib import messages
from django.contrib.auth import REDIRECT_FIELD_NAME
+from django.utils.http import same_origin
from django.utils.translation import ugettext as _
from keystoneclient import exceptions as keystone_exceptions
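Review bot: `same_origin` from `django.utils.http` is a helper used internally by Django's CSRF middleware rather than part of its documented public API, so this import ties the login flow to a symbol that can move or disappear in a later Django release without a deprecation path the project tracks. If it is kept, add a short comment at the import site recording that dependency, and add a test that exercises the same-origin check so that a future Django upgrade that breaks it fails loudly in CI rather than silently reopening the redirect.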
@@ -94,7 +95,13 @@ def handle(self, request, data):
request.session['region_endpoint'] = endpoint
request.session['region_name'] = region_name
- redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, "")
+ redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, None)
+ # Make sure the requested redirect matches the protocol,
+ # domain, and port of this request
+ if redirect_to and not same_origin(
+ request.build_absolute_uri(redirect_to),
+ request.build_absolute_uri()):
+ redirect_to = None
if data.get('tenant', None):
try:
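Review bot: the default for `redirect_to` changes from `""` to `None`, and the check also resets it to `None` on a cross-origin target, but the code that finally consumes `redirect_to` is outside this hunk; please confirm that consumer treats `None` as "fall back to the default landing page" rather than passing it through to a redirect response. The comparison itself is sound for the cases it is meant to stop: `request.build_absolute_uri(redirect_to)` resolves a relative path against the current request, so `/dashboard/` stays same-origin, while `http://other-host/...` and the protocol-relative `//other-host/...` form resolve to a foreign origin and are rejected by `same_origin`. Those three inputs (relative path accepted, absolute foreign URL rejected, protocol-relative URL rejected) should be pinned in a unit test alongside this change so the fix for LP 1039077 cannot regress unnoticed.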

0 comments on commit 35eada8
