ThanoshanMV opened a new pull request #1284: URL: https://github.com/apache/apisix-dashboard/pull/1284
Please answer these questions before submitting a pull request - Why submit this pull request? - [x] Bugfix - [ ] New feature provided - [ ] Improve performance - [ ] Backport patches - Related issues ___ ### Bugfix - Description Untrusted URL redirection due to user-provided value. - How to fix? We'll get the `redirectUrl` from `decodeURIComponent(redirect)`. Extract hostname from the `redirectUrl` and check if the current host and `redirectUrl`'s host are same. If yes, we'll perform the redirect action otherwise we don't perform any redirect action. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
