• Bob Van Landuyt's avatar
    Reuses `InternalRedirect` when possible · 39916fdf
    Bob Van Landuyt authored
    `InternalRedirect` prevents Open redirect issues by only allowing
    redirection to paths on the same host.
    
    It cleans up any unwanted strings from the path that could point to
    another host (fe. //about.gitlab.com/hello). While preserving the
    querystring and fragment of the uri.
    
    It is already used by:
    
    - `TermsController`
    - `ContinueParams`
      - `ImportsController`
      - `ForksController`
    - `SessionsController`: Only for verifying the host in CE. EE allows
       redirecting to a different instance using Geo.
    39916fdf
continue_params.rb 354 Bytes