Skip to content

Commit

Permalink
Merge pull request #927 from uc-cdis/fix/redirect
Browse files Browse the repository at this point in the history 
(PXP-8286): fix(google): add redirect validation to /link/google
  • Loading branch information
@Avantol13
Avantol13 committed Jun 15, 2021
2 parents 8157fcf + 3f6ab60 commit ddd7ecd
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions fence/blueprints/link.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
from cdislogging import get_logger

from cirrus import GoogleCloudManager
from fence.blueprints.login.redirect import validate_redirect
from fence.restful import RestfulApi
from fence.errors import NotFound
from fence.errors import Unauthorized
Expand Down Expand Up @@ -101,6 +102,9 @@ def delete(self):
def _link_google_account():
provided_redirect = flask.request.args.get("redirect")

# will raise UserError if invalid
validate_redirect(provided_redirect)

if not provided_redirect:
raise UserError({"error": "No redirect provided."})

Expand Down

0 comments on commit ddd7ecd

Please sign in to comment.