From c969f617a88fca36f076a23fdeee904a422d74c1 Mon Sep 17 00:00:00 2001
From: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
Date: Wed, 2 Oct 2024 13:16:48 -0400
Subject: [PATCH] PM-13103 - DuoRedirect - fix redirectToDuoFrameless logic to
 allow either duosecurity.com or duofederal.com as valid redirect urls. The
 existing logic failed b/c the construction of the previous check would reject
 all URLs. (#11363)

---
 apps/web/src/connectors/duo-redirect.ts | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/apps/web/src/connectors/duo-redirect.ts b/apps/web/src/connectors/duo-redirect.ts
index ddbf75e53c..2b8a3de4de 100644
--- a/apps/web/src/connectors/duo-redirect.ts
+++ b/apps/web/src/connectors/duo-redirect.ts
@@ -54,8 +54,10 @@ function redirectToDuoFrameless(redirectUrl: string) {
 
   if (
     validateUrl.protocol !== "https:" ||
-    !validateUrl.hostname.endsWith("duosecurity.com") ||
-    !validateUrl.hostname.endsWith("duofederal.com")
+    !(
+      validateUrl.hostname.endsWith("duosecurity.com") ||
+      validateUrl.hostname.endsWith("duofederal.com")
+    )
   ) {
     throw new Error("Invalid redirect URL");
   }