Skip to content

Commit

Permalink
Disallow empty (undeletable) redirect URIs
Browse files Browse the repository at this point in the history
  • Loading branch information
@foodelevator
foodelevator committed Aug 19, 2024
1 parent 2c3a194 commit 43bca8b
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 3 deletions.
3 changes: 3 additions & 0 deletions services/admin/handlers.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -426,6 +426,9 @@ func (s *service) addRedirectURI(w http.ResponseWriter, r *http.Request) httputi
return httputil.BadRequest("Invalid id")
}
newURI := r.FormValue("redirect-uri")
if newURI == "" {
return httputil.BadRequest("Missing uri")
}

client, err := s.db.GetClient(r.Context(), id)
if err == pgx.ErrNoRows {
Expand Down
1 change: 1 addition & 0 deletions services/admin/oidc_clients.templ
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ templ oidcClient(client database.OidcClient, secret []byte) {
<input
type="text"
name="redirect-uri"
required
class={ input }
autofocus
/>
Expand Down
6 changes: 3 additions & 3 deletions services/admin/oidc_clients_templ.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 43bca8b

Please sign in to comment.