Skip to content
Permalink
Browse files

[fix] sns/login: close open redirect (#2061)

  • Loading branch information...
tany committed Apr 11, 2018
1 parent 543f581 commit 6016948ea535e51b16535888af13df064a1a15d3
Showing with 1 addition and 1 deletion.
  1. +1 −1 app/controllers/concerns/sns/login_filter.rb
@@ -22,7 +22,7 @@ def default_logged_in_path
def login_success
if params[:ref].blank?
redirect_to default_logged_in_path
elsif params[:ref] =~ /^\//
elsif params[:ref] =~ /^\/[^\/]/
redirect_to params[:ref]
else
render "sns/login/redirect"

0 comments on commit 6016948

Please sign in to comment.
You can’t perform that action at this time.