[Owncloud] fixed redirect to desired page after login
Frank Karlitschek
frank at owncloud.org
Fri May 18 13:18:51 UTC 2012
On 18.05.2012, at 15:16, Michiel de Jong <michiel at unhosted.org> wrote:
> Hi!
>
> Since the new routing, if the user is made to log in, we were always
> sending her to the 'files' app, not to the page where she actually
> wanted to go. There was also htmlentities() in the redirect header
> which made no sense IMO.
>
> As this is quite important code, i was waiting for someone in
> owncloud-dev to look at it together, but in the end i just committed
> this:
>
> http://gitorious.org/owncloud/owncloud/commit/ea33b4aaa104252ff344e93a434e6c2eedcf438b/diffs/9b5e8a2c634e07d9c6e1693158e224eda7e5f673
>
This introduces a XSS bug.
Please revert
> So maybe Georg or someone else should check if this is what was
> intended. At least it was broken before, and this commit fixes it.
> Have a nice release! tomorrow, right?
>
>
> cheers,
> Michiel
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud
More information about the Owncloud
mailing list