Defect #41930 » fix_redirect_to_back_url_with_port.patch
| app/controllers/application_controller.rb | ||
|---|---|---|
| 505 | 505 |
|
| 506 | 506 |
begin |
| 507 | 507 |
uri = Addressable::URI.parse(back_url) |
| 508 |
[:scheme, :host, :port].each do |component|
|
|
| 508 |
[:scheme, :port, :host].each do |component|
|
|
| 509 | 509 |
if uri.send(component).present? && uri.send(component) != request.send(component) |
| 510 | 510 |
return false |
| 511 | 511 |
end |
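Review bot: The component list on the `each` line carries no comment saying why its order matters, and nothing in the visible loop body depends on order: the lines shown only compare each component with the request and `return false` on a mismatch. The reordered list (`[:scheme, :port, :host]`, assuming that is the new side, since the rendering lost the +/- markers) is presumably required by code after the `end` at line 511, which is outside this hunk. A later tidy-up could therefore revert it without any visible reason not to. This method is the check that keeps `back_url` redirects on the requesting host, so I would add a comment above the loop such as `# Keep :port before :host (see #41930)` and state the actual reason next to the statement that depends on it.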
| test/functional/account_controller_test.rb | ||
|---|---|---|
| 660 | 660 |
end |
| 661 | 661 |
end |
| 662 | 662 |
end |
| 663 |
|
|
| 664 |
def test_validate_back_url |
|
| 665 |
request.host = 'example.com' |
|
| 666 |
|
|
| 667 |
assert_equal '/admin', @controller.send(:validate_back_url, 'http://example.com/admin') |
|
| 668 |
assert_equal '/issues?query_id=1#top', @controller.send(:validate_back_url, 'http://example.com/issues?query_id=1#top') |
|
| 669 |
assert_equal false, @controller.send(:validate_back_url, 'http://invalid.example.com/issues') |
|
| 670 |
end |
|
| 671 |
|
|
| 672 |
def test_validate_back_url_with_port |
|
| 673 |
request.host = 'example.com:3000' |
|
| 674 |
|
|
| 675 |
assert_equal '/admin', @controller.send(:validate_back_url, 'http://example.com:3000/admin') |
|
| 676 |
assert_equal '/issues?query_id=1#top', @controller.send(:validate_back_url, 'http://example.com:3000/issues?query_id=1#top') |
|
| 677 |
assert_equal false, @controller.send(:validate_back_url, 'http://invalid.example.com:3000/issues') |
|
| 678 |
end |
|
| 663 | 679 |
end |
| 664 |
- |
|
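Review bot: `test_validate_back_url_with_port` never exercises a port mismatch. Its only rejection case, `'http://invalid.example.com:3000/issues'`, differs from the request in host, so the test would still pass if the port comparison were skipped or broken. Because the patch reorders exactly those checks, add a case where the host matches and the port differs, for example `assert_equal false, @controller.send(:validate_back_url, 'http://example.com:8080/admin')` (8080 is an arbitrary sample port). A scheme-relative input such as `'//invalid.example.com/issues'` should also be asserted to return false, so the test pins that the host check does not depend on a scheme being present.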