From dd1b97acd5b35b8743550ed6e5ac4149fd32299b Mon Sep 17 00:00:00 2001
From: Joel Speed
Date: Mon, 11 Dec 2017 09:24:52 +0000
Subject: [PATCH] Remove duplicated logic
---
 oauthproxy.go | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)
diff --git a/oauthproxy.go b/oauthproxy.go
index cc85fa8..b25fbff 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -439,20 +439,13 @@ func (p *OAuthProxy) IsValidRedirect(redirect string) bool {
 switch {
 case strings.HasPrefix(redirect, "/") && !strings.HasPrefix(redirect, "//"):
 return true
- case strings.HasPrefix(redirect, "http://"):
- redirect = strings.TrimPrefix(redirect, "http://")
- redirect = strings.Split(redirect, "/")[0]
- for _, domain := range p.whitelistDomains {
- if strings.HasSuffix(redirect, domain) {
- return true
- }
+ case strings.HasPrefix(redirect, "http://") || strings.HasPrefix(redirect, "https://"):
+ url, err := url.Parse(redirect)
+ if err != nil {
+ return false
 }
- return false
- case strings.HasPrefix(redirect, "https://"):
- redirect = strings.TrimPrefix(redirect, "https://")
- redirect = strings.Split(redirect, "/")[0]
 for _, domain := range p.whitelistDomains {
- if strings.HasSuffix(redirect, domain) {
+ if (url.Host == domain) || (strings.HasPrefix(domain, ".") && strings.HasSuffix(url.Host, domain)) {
 return true
 }
 }
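Review bot: In the merged `http://`/`https://` case the whitelist is compared against `url.Host`, which keeps any port, so an entry `example.com` rejects `https://example.com:8443/` and a `.example.com` entry cannot suffix-match a host that carries a port; comparing the port-less name, `host := redirectURL.Hostname()`, avoids that. The local `url` also shadows the `net/url` package for the rest of the case, so `redirectURL, err := url.Parse(redirect)` would read more safely. The matching rule itself changes here (exact match unless the entry starts with `.`, where the removed code suffix-matched every entry), a security-relevant tightening that the subject line does not mention. A doc comment on IsValidRedirect stating that rule would tell operators they must write `.example.com` to admit subdomains. The function body continues past the end of the hunk.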