zaid.marzguioui/myeasycms-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

2.21.12 (#423)

Browse Source 
* chore: bump version to 2.21.12 and implement safe redirect path validation

- Updated application version from 2.21.11 to 2.21.12 in package.json.
- Introduced `getSafeRedirectPath` and `isSafeRedirectPath` utility functions to validate user-supplied redirect URLs, enhancing security against open redirect attacks.
* fix: address page reload issue in Admin tests for CI
This commit is contained in:
Giancarlo Buomprisco
2025-12-09 23:34:10 +08:00
committed by GitHub
parent 2f78e16dfa
commit 44137016cb
15 changed files with 128 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
packages/features/auth/src/components/sign-up-methods-container.tsx
View File

@@ -2,7 +2,7 @@
import type { Provider } from '@supabase/supabase-js';
import { isBrowser } from '@kit/shared/utils';
import { isBrowser, isSafeRedirectPath } from '@kit/shared/utils';
import { If } from '@kit/ui/if';
import { Separator } from '@kit/ui/separator';
import { Trans } from '@kit/ui/trans';
@@ -114,7 +114,8 @@ function getCallbackUrl(props: {
const searchParams = new URLSearchParams(window.location.search);
const next = searchParams.get('next');
if (next) {
// Only pass through the next param if it's a safe internal path
if (next && isSafeRedirectPath(next)) {
url.searchParams.set('next', next);
}