fix goodReferrer regex didn't accept minus signs

2019-08-24 15:57:21 +02:00 · 2019-08-24 15:57:21 +02:00 · 904e68f3b7
parent bdab4f4564
commit 904e68f3b7
1 changed files with 2 additions and 3 deletions
--- a/app/controllers/Auth.scala
+++ b/app/controllers/Auth.scala
@ -31,17 +31,16 @@ object Auth extends LilaController {
      }
    }

-  private val refRegex = """[\w@/-=?]++""".r
+  private val refRegex = """[\w@/\-=?]++""".r

  // do not allow redirects to external sites,
  // nor redirect back to /mobile (which is shown after logout)
-  private def goodReferrer(referrer: String): Boolean = {
+  private def goodReferrer(referrer: String): Boolean =
    referrer.nonEmpty &&
      referrer.stripPrefix("/") != "mobile" && {
        (!referrer.contains("//") && refRegex.matches(referrer)) ||
          referrer.startsWith(Env.oAuth.baseUrl)
      }
-  }

  def authenticateUser(u: UserModel, result: Option[String => Result] = None)(implicit ctx: Context): Fu[Result] = {
    if (u.ipBan) fuccess(Redirect(routes.Lobby.home))