Security fix: redirection in google_api/authorizations_controller

author: Shinya Maeda <shinya@gitlab.com> 2017-10-06 15:28:40 +0300
committer: Shinya Maeda <shinya@gitlab.com> 2017-10-06 15:28:40 +0300
commit: f293288589f24e1928b57dcd3428b762ae9ced79 (patch)
tree: d54b6425ac0fe596e27d3cbe291e08f28b10267b /app/controllers/google_api
parent: 5ced761ebdcb0579377e338c2e321e4ba0373336 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/app/controllers/google_api/authorizations_controller.rb b/app/controllers/google_api/authorizations_controller.rb
index e4f76fb493e..709d1d34796 100644
--- a/app/controllers/google_api/authorizations_controller.rb
+++ b/app/controllers/google_api/authorizations_controller.rb
@@ -9,8 +9,13 @@ module GoogleApi
       session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at] =
         expires_at.to_s
 
-      if params[:state].present?
-        redirect_to params[:state]
+      key, _ = GoogleApi::CloudPlatform::Client
+        .session_key_for_second_redirect_uri(secure: params[:state])
+
+      second_redirect_uri = session[key]
+
+      if second_redirect_uri.present?
+        redirect_to second_redirect_uri
       else
         redirect_to root_path
       end
author	Shinya Maeda <shinya@gitlab.com>	2017-10-06 15:28:40 +0300
committer	Shinya Maeda <shinya@gitlab.com>	2017-10-06 15:28:40 +0300
commit	f293288589f24e1928b57dcd3428b762ae9ced79 (patch)
tree	d54b6425ac0fe596e27d3cbe291e08f28b10267b /app/controllers/google_api
parent	5ced761ebdcb0579377e338c2e321e4ba0373336 (diff)