bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-12 14:23:32 +00:00
Code Issues Releases Wiki Activity

PM-13103 - DuoRedirect - fix redirectToDuoFrameless logic to allow either duosecurity.com or duofederal.com as valid redirect urls. The existing logic failed b/c the construction of the previous check would reject all URLs. (#11363)

Browse Source
This commit is contained in:
Jared Snider
2024-10-02 13:16:48 -04:00
committed by GitHub
parent 22a9e8788b
commit c969f617a8
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
apps/web/src/connectors/duo-redirect.ts
View File

@@ -54,8 +54,10 @@ function redirectToDuoFrameless(redirectUrl: string) {
if ( if (
validateUrl.protocol !== "https:" || validateUrl.protocol !== "https:" ||
!validateUrl.hostname.endsWith("duosecurity.com") || !(
!validateUrl.hostname.endsWith("duofederal.com") validateUrl.hostname.endsWith("duosecurity.com") ||
validateUrl.hostname.endsWith("duofederal.com")
)
) { ) {
throw new Error("Invalid redirect URL"); throw new Error("Invalid redirect URL");
} }