From 1de5ba034ed4c2f43d8c5bce1b09c362baaa4c2f Mon Sep 17 00:00:00 2001
From: Timeraider <57343973+GitTimeraider@users.noreply.github.com>
Date: Tue, 5 Aug 2025 11:49:23 +0200
Subject: [PATCH] Potential fix for code scanning alert no. 14: URL redirection from remote source

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 app/auth.py | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/app/auth.py b/app/auth.py
index 150f237..a10fbe5 100644
--- a/app/auth.py
+++ b/app/auth.py
@@ -6,7 +6,7 @@ import io
 import base64
 from datetime import datetime
 
-
+from urllib.parse import urlparse
 auth_bp = Blueprint('auth', __name__)
 
 @auth_bp.route('/login', methods=['GET', 'POST'])
@@ -32,7 +32,11 @@ def login():
 
 login_user(user)
 next_page = request.args.get('next')
- return redirect(next_page) if next_page else redirect(url_for('index'))
+ if next_page:
+ safe_next = next_page.replace('\\', '')
+ if not urlparse(safe_next).netloc and not urlparse(safe_next).scheme:
+ return redirect(safe_next)
+ return redirect(url_for('index'))
 else:
 flash('Invalid 2FA code', 'error')
 # Show 2FA form again with username preserved
@@ -54,7 +58,11 @@ def login():
 
 login_user(user)
 next_page = request.args.get('next')
- return redirect(next_page) if next_page else redirect(url_for('index'))
+ if next_page:
+ safe_next = next_page.replace('\\', '')
+ if not urlparse(safe_next).netloc and not urlparse(safe_next).scheme:
+ return redirect(safe_next)
+ return redirect(url_for('index'))
 else:
 flash('Invalid username or password', 'error')
 
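Review bot: The new `+from urllib.parse import urlparse` line takes the place of a removed blank line, so the import ends up detached from the other imports and directly above `auth_bp = Blueprint('auth', __name__)` with no separation. Keep the import in the import block, i.e. immediately after `from datetime import datetime`, and leave the blank line(s) before the module-level `auth_bp = ...` assignment as they were. Since the login hunks below would benefit from resolving the target URL, importing `from urllib.parse import urljoin, urlparse` here avoids a second touch of this line.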
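Review bot: The new guard `if not urlparse(safe_next).netloc and not urlparse(safe_next).scheme:` checks the parsed form of the parameter but then passes the raw `safe_next` to `redirect()`, and the two can disagree: `urlparse` reports an empty netloc for a value with more than two leading slashes, whereas a browser treats such a Location header as protocol-relative, so the host decision the client acts on is not the one that was checked (and `urlparse` is also called twice on the same string). The identical five lines are repeated in the hunk at `@@ -54,7 +58,11 @@`; factor both into one module-level helper that resolves the parameter against `request.host_url` with `urljoin`, compares the resolved netloc to the application's own, restricts the scheme to http/https, and returns the resolved absolute URL so `redirect()` emits exactly the URL that was validated. With that approach the `next_page.replace('\\', '')` rewrite of the path is no longer needed, because `urljoin` keeps the authority from the base and backslashes stay in the path. The helper needs `urljoin` next to `urlparse` in the import added in the first hunk, and `login()` itself starts outside this hunk.

```python
def _safe_redirect_target(target):
    """Resolve *target* against this app's own host and return the absolute
    URL, or None when it is empty or would leave the app's scheme/host."""
    if not target:
        return None
    own = urlparse(request.host_url)
    resolved = urljoin(request.host_url, target)
    parsed = urlparse(resolved)
    if parsed.scheme not in ('http', 'https') or parsed.netloc != own.netloc:
        return None
    return resolved

# … unchanged: login() body up to login_user(user) …
            target = _safe_redirect_target(request.args.get('next'))
            return redirect(target or url_for('index'))
```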