Sanitized missing places
This commit is contained in:
parent
8963a92f30
commit
e91fd26964
|
@ -23,6 +23,7 @@ from app.db import Session
|
||||||
from app.extensions import limiter
|
from app.extensions import limiter
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
from app.models import User, Fido, MfaBrowser
|
from app.models import User, Fido, MfaBrowser
|
||||||
|
from app.utils import sanitize_next_url
|
||||||
|
|
||||||
|
|
||||||
class FidoTokenForm(FlaskForm):
|
class FidoTokenForm(FlaskForm):
|
||||||
|
@ -54,7 +55,7 @@ def fido():
|
||||||
auto_activate = True
|
auto_activate = True
|
||||||
fido_token_form = FidoTokenForm()
|
fido_token_form = FidoTokenForm()
|
||||||
|
|
||||||
next_url = request.args.get("next")
|
next_url = sanitize_next_url(request.args.get("next"))
|
||||||
|
|
||||||
if request.cookies.get("mfa"):
|
if request.cookies.get("mfa"):
|
||||||
browser = MfaBrowser.get_by(token=request.cookies.get("mfa"))
|
browser = MfaBrowser.get_by(token=request.cookies.get("mfa"))
|
||||||
|
|
|
@ -7,7 +7,7 @@ from app.config import GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, URL
|
||||||
from app.db import Session
|
from app.db import Session
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
from app.models import User, SocialAuth
|
from app.models import User, SocialAuth
|
||||||
from app.utils import encode_url, sanitize_email
|
from app.utils import encode_url, sanitize_email, sanitize_next_url
|
||||||
|
|
||||||
_authorization_base_url = "https://github.com/login/oauth/authorize"
|
_authorization_base_url = "https://github.com/login/oauth/authorize"
|
||||||
_token_url = "https://github.com/login/oauth/access_token"
|
_token_url = "https://github.com/login/oauth/access_token"
|
||||||
|
@ -19,7 +19,7 @@ _redirect_uri = URL + "/auth/github/callback"
|
||||||
|
|
||||||
@auth_bp.route("/github/login")
|
@auth_bp.route("/github/login")
|
||||||
def github_login():
|
def github_login():
|
||||||
next_url = request.args.get("next")
|
next_url = sanitize_next_url(request.args.get("next"))
|
||||||
if next_url:
|
if next_url:
|
||||||
redirect_uri = _redirect_uri + "?next=" + encode_url(next_url)
|
redirect_uri = _redirect_uri + "?next=" + encode_url(next_url)
|
||||||
else:
|
else:
|
||||||
|
@ -97,6 +97,6 @@ def github_callback():
|
||||||
Session.commit()
|
Session.commit()
|
||||||
|
|
||||||
# The activation link contains the original page, for ex authorize page
|
# The activation link contains the original page, for ex authorize page
|
||||||
next_url = request.args.get("next") if request.args else None
|
next_url = sanitize_next_url(request.args.get("next")) if request.args else None
|
||||||
|
|
||||||
return after_login(user, next_url)
|
return after_login(user, next_url)
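Review bot: The `if request.args else None` guard on the github_callback line is now redundant: `request.args.get("next")` already yields None when there are no query arguments, and the other call sites in this commit (github_login in the hunk above, and the fido, mfa and recovery views) pass that possibly-None value straight into sanitize_next_url. Assuming sanitize_next_url accepts None, which those other hunks already rely on, the line can become `next_url = sanitize_next_url(request.args.get("next"))`, matching the rest of the commit. github_callback's body starts outside the hunk.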
|
||||||
|
|
|
@ -19,6 +19,7 @@ from app.db import Session
|
||||||
from app.email_utils import send_invalid_totp_login_email
|
from app.email_utils import send_invalid_totp_login_email
|
||||||
from app.extensions import limiter
|
from app.extensions import limiter
|
||||||
from app.models import User, MfaBrowser
|
from app.models import User, MfaBrowser
|
||||||
|
from app.utils import sanitize_next_url
|
||||||
|
|
||||||
|
|
||||||
class OtpTokenForm(FlaskForm):
|
class OtpTokenForm(FlaskForm):
|
||||||
|
@ -48,7 +49,7 @@ def mfa():
|
||||||
return redirect(url_for("auth.login"))
|
return redirect(url_for("auth.login"))
|
||||||
|
|
||||||
otp_token_form = OtpTokenForm()
|
otp_token_form = OtpTokenForm()
|
||||||
next_url = request.args.get("next")
|
next_url = sanitize_next_url(request.args.get("next"))
|
||||||
|
|
||||||
if request.cookies.get("mfa"):
|
if request.cookies.get("mfa"):
|
||||||
browser = MfaBrowser.get_by(token=request.cookies.get("mfa"))
|
browser = MfaBrowser.get_by(token=request.cookies.get("mfa"))
|
||||||
|
|
|
@ -11,6 +11,7 @@ from app.email_utils import send_invalid_totp_login_email
|
||||||
from app.extensions import limiter
|
from app.extensions import limiter
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
from app.models import User, RecoveryCode
|
from app.models import User, RecoveryCode
|
||||||
|
from app.utils import sanitize_next_url
|
||||||
|
|
||||||
|
|
||||||
class RecoveryForm(FlaskForm):
|
class RecoveryForm(FlaskForm):
|
||||||
|
@ -37,7 +38,7 @@ def recovery_route():
|
||||||
return redirect(url_for("auth.login"))
|
return redirect(url_for("auth.login"))
|
||||||
|
|
||||||
recovery_form = RecoveryForm()
|
recovery_form = RecoveryForm()
|
||||||
next_url = request.args.get("next")
|
next_url = sanitize_next_url(request.args.get("next"))
|
||||||
|
|
||||||
if recovery_form.validate_on_submit():
|
if recovery_form.validate_on_submit():
|
||||||
code = recovery_form.code.data
|
code = recovery_form.code.data
|
||||||
|
|
|
@ -8,6 +8,7 @@ from wtforms import PasswordField, validators
|
||||||
|
|
||||||
from app.dashboard.base import dashboard_bp
|
from app.dashboard.base import dashboard_bp
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
|
from app.utils import sanitize_next_url
|
||||||
|
|
||||||
_SUDO_GAP = 900
|
_SUDO_GAP = 900
|
||||||
|
|
||||||
|
@ -28,7 +29,7 @@ def enter_sudo():
|
||||||
session["sudo_time"] = int(time())
|
session["sudo_time"] = int(time())
|
||||||
|
|
||||||
# User comes to sudo page from another page
|
# User comes to sudo page from another page
|
||||||
next_url = request.args.get("next")
|
next_url = sanitize_next_url(request.args.get("next"))
|
||||||
if next_url:
|
if next_url:
|
||||||
LOG.d("redirect user to %s", next_url)
|
LOG.d("redirect user to %s", next_url)
|
||||||
return redirect(next_url)
|
return redirect(next_url)
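Review bot: The redirect on `return redirect(next_url)` only stays safe if sanitize_next_url returns a falsy value for a target it rejects, because the `if next_url:` test is the sole gate between the query parameter and the redirect, and the helper's contract is not visible in this commit. Confirm that it returns None (or an empty string) rather than the original value or raising for rejected input, and record that at the call site, e.g. `# sanitize_next_url is expected to return None for a disallowed target, so a rejected "next" skips the redirect below` (adjusted to the helper's actual contract). The fido, mfa and recovery hunks earlier in this commit carry the same reliance, since their next_url is consumed outside the visible lines. enter_sudo continues outside the hunk.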
|
||||||
|
|
|
@ -30,7 +30,7 @@ from app.oauth_models import (
|
||||||
SUPPORTED_OPENID_FLOWS_STR,
|
SUPPORTED_OPENID_FLOWS_STR,
|
||||||
response_types_to_str,
|
response_types_to_str,
|
||||||
)
|
)
|
||||||
from app.utils import random_string, encode_url
|
from app.utils import random_string, encode_url, sanitize_next_url
|
||||||
|
|
||||||
|
|
||||||
@oauth_bp.route("/authorize", methods=["GET", "POST"])
|
@oauth_bp.route("/authorize", methods=["GET", "POST"])
|
||||||
|
@ -45,7 +45,7 @@ def authorize():
|
||||||
oauth_client_id = request.args.get("client_id")
|
oauth_client_id = request.args.get("client_id")
|
||||||
state = request.args.get("state")
|
state = request.args.get("state")
|
||||||
scope = request.args.get("scope")
|
scope = request.args.get("scope")
|
||||||
redirect_uri = request.args.get("redirect_uri")
|
redirect_uri = sanitize_next_url(request.args.get("redirect_uri"))
|
||||||
response_mode = request.args.get("response_mode")
|
response_mode = request.args.get("response_mode")
|
||||||
nonce = request.args.get("nonce")
|
nonce = request.args.get("nonce")
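Review bot: Passing the OAuth redirect_uri through sanitize_next_url on the line `redirect_uri = sanitize_next_url(request.args.get("redirect_uri"))` treats a client-registered callback like an internal "next" parameter, which is a different check: an OAuth redirect_uri should be matched exactly against the URIs registered for oauth_client_id, and legitimate values point at the client's own host rather than this application. sanitize_next_url's implementation is not in this commit; if it restricts values to same-site paths it will reject valid third-party callbacks, and if it only normalizes the value it gives no protection by itself. Worth confirming that the exact match against the client's registered redirect URIs still happens later in authorize() (outside this hunk) and adding a comment at this line stating which check this call is meant to provide. authorize() continues outside the hunk.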
|
||||||
|
|
||||||
|
|