Author: mwringe
Date: 2011-11-14 14:19:40 -0500 (Mon, 14 Nov 2011)
New Revision: 8055
Modified:
portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/DoLoginServlet.java
Log:
GTNPORTAL-2269: only allow initial URI login redirects to locations on the same server.
Modified:
portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/DoLoginServlet.java
===================================================================
---
portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/DoLoginServlet.java 2011-11-14
11:04:23 UTC (rev 8054)
+++
portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/DoLoginServlet.java 2011-11-14
19:19:40 UTC (rev 8055)
@@ -27,6 +27,8 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
/**
* @author <a href="mailto:julien.viet@exoplatform.com">Julien
Viet</a>
@@ -42,11 +44,27 @@
{
String initialURI = req.getParameter("initialURI");
log.debug("Performing the do login send redirect with initialURI=" +
initialURI + " and remoteUser=" + req.getRemoteUser());
+
if (initialURI == null || initialURI.length() == 0)
{
initialURI = req.getContextPath();
}
+ try
+ {
+ URI uri = new URI(initialURI);
+ if (uri.isAbsolute() && !(uri.getHost().equals(req.getServerName())))
+ {
+ log.warn("Cannot redirect to an URI outside of the current host when
using a login redirect. Redirecting to the portal context path instead.");
+ initialURI = req.getContextPath();
+ }
+ }
+ catch (URISyntaxException e)
+ {
+ log.warn("Initial URI in login link is malformed. Redirecting to the portal
context path instead.");
+ initialURI = req.getContextPath();
+ }
+
//
resp.sendRedirect(resp.encodeRedirectURL(initialURI));
}
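Review bot: The new guard in the `if (uri.isAbsolute() && ...)` line both misses a case and can throw: a scheme-less network-path reference (`//` followed by a host name) is not absolute, so it reaches `sendRedirect` unchanged and the browser follows it off the server, while an absolute opaque URI with no authority makes `uri.getHost()` return null and the `.equals` call throw NullPointerException instead of falling back to the context path. Deciding on the authority rather than the scheme covers both, e.g. `String host = uri.getHost();` followed by `if ((uri.isAbsolute() && host == null) || (host != null && !host.equalsIgnoreCase(req.getServerName())))`. Host names are case-insensitive, hence `equalsIgnoreCase`; a differing port (`req.getServerPort()`) is arguably also not "the same server" the commit message describes, so consider including it in the comparison. The enclosing method's signature lies outside the hunk.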