projects / Evergreen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cd666f9) | patch
LP#1314827: On login, don't allow referer-based redirect to external site
authorJeff Davis <jdavis@sitka.bclibraries.ca>
Fri, 16 May 2014 22:14:43 +0000 (15:14 -0700)
committerBen Shum <bshum@biblio.org>
Fri, 3 Oct 2014 06:20:48 +0000 (02:20 -0400)
commit9f3b44c6f86e6b3cf6bf60f9f25b105bc3e8b73a
treecd3a2a3f5b2ffb37c869ae1cf2ae3f1bfc5a68eetree
parentcd666f98c7d1460b8ff1d7df3b2528bb028cd9dfcommit | diff
LP#1314827: On login, don't allow referer-based redirect to external site

On /eg/opac/login, if no redirect_to param is provided, the TPAC will
attempt to use the referer (if any) as the redirect destination. This
leads to undesirable behavior if the referring URL is from an external
site.

Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca>
Signed-off-by: Ben Shum <bshum@biblio.org>
Open-ILS/src/templates/opac/parts/login/form.tt2 diff | blob | history
Evergreen ILS