pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-09 12:16:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

verify redirects are safe before redirecting

Browse Source
This commit is contained in:
Milo Schwartz
2025-01-09 23:21:57 -05:00
parent a556339b76
commit 6c813186b8
18 changed files with 99 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/app/auth/verify-email/page.tsx
View File

@@ -1,5 +1,6 @@
import VerifyEmailForm from "@app/app/auth/verify-email/VerifyEmailForm";
import { verifySession } from "@app/lib/auth/verifySession";
import { cleanRedirect } from "@app/lib/cleanRedirect";
import { pullEnv } from "@app/lib/pullEnv";
import { redirect } from "next/navigation";
import { cache } from "react";
@@ -27,11 +28,16 @@ export default async function Page(props: {
redirect("/");
}
let redirectUrl: string | undefined;
if (searchParams.redirect) {
redirectUrl = cleanRedirect(searchParams.redirect as string);
}
return (
<>
<VerifyEmailForm
email={user.email}
redirect={searchParams.redirect as string}
redirect={redirectUrl}
/>
</>
);