updated redirect response from login web service #560

sandialabs · Jan 22, 2016 · 5388b03 · 5388b03
1 parent 8112865
commit 5388b03
Showing 1 changed file with 11 additions and 8 deletions.
diff --git a/packages/slycat/web/server/handlers.py b/packages/slycat/web/server/handlers.py
@@ -699,13 +699,16 @@ def login():
     slycat.email.send_error("slycat-standard-authentication.py authenticate", "cherrypy.HTTPError 400")
     raise cherrypy.HTTPError(400)
   realm = None
-  try:
-    if urlparse.parse_qs(urlparse.urlparse(location).query)['from']:
-      unparsed_url = urlparse.parse_qs(urlparse.urlparse(location).query)['from']
-      response_url = urlparse.urlparse(unparsed_url)
-      # if response_url.__contains__()
-  except:
-    pass
+
+  # get the route they came from and check if the server root is the same,
+  # if so redirect to the place they came from
+  current_url = urlparse.urlparse(cherrypy.url())# gets current location on the server
+  if urlparse.parse_qs(urlparse.urlparse(location['href']).query)['from']:# get from query href
+    response_url = urlparse.parse_qs(urlparse.urlparse(location['href']).query)['from'][0]
+    if not response_url.__contains__(current_url.netloc):# check net location to avoid cross site script attacks
+      response_url = "https://" + current_url.netloc + "/projects"
+  else:
+    response_url = "https://" + current_url.netloc + "/projects"
 
   # Get the client ip, which might be forwarded by a proxy.
   remote_ip = cherrypy.request.headers.get("x-forwarded-for") if "x-forwarded-for" in cherrypy.request.headers else cherrypy.request.rem
@@ -745,7 +748,7 @@ def login():
   else:
     cherrypy.log.error("user %s at %s failed authentication" % (user_name, remote_ip))
     cherrypy.response.status = "404 no auth found!!!"
-  return {'success': success, 'location':location}
+  return {'success': success, 'location':response_url}
 
 
 login.password_check = None