From f4c6690f1fde6310a3da52e8c96452420573b10c Mon Sep 17 00:00:00 2001
From: laraproto
Date: Sat, 2 Nov 2024 22:46:23 +0200
Subject: [PATCH] fix some redirect vulnerabilities

---
 backend/src/api/auth.ts | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/backend/src/api/auth.ts b/backend/src/api/auth.ts
index 42bdd0f6..bfdcd868 100644
--- a/backend/src/api/auth.ts
+++ b/backend/src/api/auth.ts
@@ -114,7 +114,7 @@ export function initAuth(router: express.Router) {
 router.get(
 "/auth/new-login",
 (req: Request, res: Response, next: NextFunction) => {
- res.cookie("redir", `${env.DASHBOARD_URL}/new/login-callback/`, { httpOnly: true });
+ res.cookie("redir", `/new/login-callback/`, { httpOnly: true });
 next();
 },
@@ -128,13 +128,13 @@ export function initAuth(router: express.Router) {
 if (req.user && req.user.apiKey) {
 res.redirect(
 req.cookies.redir
- ? `${req.cookies.redir.toString()}?apiKey=${req.user.apiKey}`
+ ? `${env.DASHBOARD_URL}${req.cookies.redir.toString()}?apiKey=${req.user.apiKey}`
 : `${env.DASHBOARD_URL}/login-callback/?apiKey=${req.user.apiKey}`,
 );
 } else {
 res.redirect(
 req.cookies.redir
- ? `${req.cookies.redir.toString()}?error=noAccess`
+ ? `${env.DASHBOARD_URL}${req.cookies.redir.toString()}?error=noAccess`
 : `${env.DASHBOARD_URL}/login-callback/?error=noAccess`,
 );
 }
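Review bot: The two `? ${env.DASHBOARD_URL}${req.cookies.redir.toString()}…` branches in the second hunk still redirect to a URL whose tail is the client-controlled cookie, and plain string concatenation guarantees neither that this tail cannot change the host the browser ends up at nor that the result is a parsable URL. Parse the concatenated value with the WHATWG `URL` class and honour it only when its `origin` equals `new URL(env.DASHBOARD_URL).origin`, otherwise fall back to the existing `${env.DASHBOARD_URL}/login-callback/` target; this also collapses the duplicated branches, and `encodeURIComponent` on the key keeps the query string well-formed. Clearing the cookie with `res.clearCookie("redir")` once it is consumed keeps the stored redirect single-use. This assumes `env.DASHBOARD_URL` is an absolute URL, which its use as a redirect base suggests but the hunk does not show. `initAuth` and the enclosing handler start outside the hunk; the first hunk's cookie change is consistent with this check since it now stores a bare path.
```typescript
      // … unchanged: handler signature and anything before the redirect …
      // Honour the stored redirect only if it stays on the dashboard origin;
      // an unparsable or off-origin value falls back to the default callback.
      const dashboardOrigin = new URL(env.DASHBOARD_URL).origin;
      let target = `${env.DASHBOARD_URL}/login-callback/`;
      if (req.cookies.redir) {
        const candidate = `${env.DASHBOARD_URL}${req.cookies.redir.toString()}`;
        let candidateOrigin: string | undefined;
        try {
          candidateOrigin = new URL(candidate).origin;
        } catch {
          // unparsable: candidateOrigin stays undefined and the fallback is used
        }
        if (candidateOrigin === dashboardOrigin) target = candidate;
      }
      res.clearCookie("redir");
      if (req.user && req.user.apiKey) {
        res.redirect(`${target}?apiKey=${encodeURIComponent(req.user.apiKey)}`);
      } else {
        res.redirect(`${target}?error=noAccess`);
      }
```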