fix goodReferrer regex didn't accept minus signs
This commit is contained in:
parent
bdab4f4564
commit
904e68f3b7
|
@ -31,17 +31,16 @@ object Auth extends LilaController {
|
|||
}
|
||||
}
|
||||
|
||||
private val refRegex = """[\w@/-=?]++""".r
|
||||
private val refRegex = """[\w@/\-=?]++""".r
|
||||
|
||||
// do not allow redirects to external sites,
|
||||
// nor redirect back to /mobile (which is shown after logout)
|
||||
private def goodReferrer(referrer: String): Boolean = {
|
||||
private def goodReferrer(referrer: String): Boolean =
|
||||
referrer.nonEmpty &&
|
||||
referrer.stripPrefix("/") != "mobile" && {
|
||||
(!referrer.contains("//") && refRegex.matches(referrer)) ||
|
||||
referrer.startsWith(Env.oAuth.baseUrl)
|
||||
}
|
||||
}
|
||||
|
||||
def authenticateUser(u: UserModel, result: Option[String => Result] = None)(implicit ctx: Context): Fu[Result] = {
|
||||
if (u.ipBan) fuccess(Redirect(routes.Lobby.home))
|
||||
|
|
Loading…
Reference in a new issue