Skip to content

Commit

Permalink
return Uri
Browse files Browse the repository at this point in the history
  • Loading branch information
@imorland
imorland committed Jan 5, 2024
1 parent 743f4ea commit 19168b6
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions framework/core/src/Forum/Controller/LogOutController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,21 +124,22 @@ public function handle(Request $request): ResponseInterface
return $this->rememberer->forget($response);
}

protected function sanitizeReturnUrl(string $url, string $base): string
protected function sanitizeReturnUrl(string $url, string $base): Uri
{
$parsedBase = new Uri($base);
if (empty($url)) {
return $base; // Return base URL for empty return URL
return $parsedBase; // Return base URL for empty return URL
}

$parsed = new Uri($url);

$host = $parsed->getHost();

if (in_array($host, $this->getWhitelistedRedirectDomains())) {
return $url;
return $parsed;
}

return $base; // Return base url for non-whitelisted domains
return $parsedBase; // Return base url for non-whitelisted domains
}

protected function getWhitelistedRedirectDomains(): array
Expand Down

0 comments on commit 19168b6

Please sign in to comment.