mirror of https://github.com/wallabag/wallabag.git
Make Redirect helper supports only absolute path reference URLs
This commit is contained in:
parent
7ebc96f3b9
commit
9bef459882
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
namespace Wallabag\CoreBundle\Helper;
|
namespace Wallabag\CoreBundle\Helper;
|
||||||
|
|
||||||
|
use GuzzleHttp\Psr7\Uri;
|
||||||
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
|
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
|
||||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||||||
use Wallabag\CoreBundle\Entity\Config;
|
use Wallabag\CoreBundle\Entity\Config;
|
||||||
|
@ -32,6 +33,14 @@ class Redirect
|
||||||
$user = $this->tokenStorage->getToken() ? $this->tokenStorage->getToken()->getUser() : null;
|
$user = $this->tokenStorage->getToken() ? $this->tokenStorage->getToken()->getUser() : null;
|
||||||
|
|
||||||
if (!$user instanceof User) {
|
if (!$user instanceof User) {
|
||||||
|
if (null === $url) {
|
||||||
|
return $this->router->generate('homepage');
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!Uri::isAbsolutePathReference(new Uri($url))) {
|
||||||
|
return $this->router->generate('homepage');
|
||||||
|
}
|
||||||
|
|
||||||
return $url;
|
return $url;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -40,10 +49,14 @@ class Redirect
|
||||||
return $this->router->generate('homepage');
|
return $this->router->generate('homepage');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (null !== $url) {
|
if (null === $url) {
|
||||||
return $url;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $this->router->generate('homepage');
|
return $this->router->generate('homepage');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!Uri::isAbsolutePathReference(new Uri($url))) {
|
||||||
|
return $this->router->generate('homepage');
|
||||||
|
}
|
||||||
|
|
||||||
|
return $url;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -73,6 +73,13 @@ class RedirectTest extends TestCase
|
||||||
$this->assertSame('/unread/list', $redirectUrl);
|
$this->assertSame('/unread/list', $redirectUrl);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testRedirectToAbsoluteUrl()
|
||||||
|
{
|
||||||
|
$redirectUrl = $this->redirect->to('https://www.google.com/');
|
||||||
|
|
||||||
|
$this->assertSame('/', $redirectUrl);
|
||||||
|
}
|
||||||
|
|
||||||
public function testWithNotLoggedUser()
|
public function testWithNotLoggedUser()
|
||||||
{
|
{
|
||||||
$redirect = new Redirect($this->routerMock, new TokenStorage());
|
$redirect = new Redirect($this->routerMock, new TokenStorage());
|
||||||
|
|
Loading…
Reference in New Issue