STEMMechanics/Website
1
0
Fork 0
Code Issues 4 Pull Requests 1 Actions Packages Projects Releases 3 Wiki Activity

fix open redirect

Browse Source
This commit is contained in:
James Collins
2026-01-15 08:01:05 +10:00
parent cad78c30ae
commit 33d390a612
1 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
public/script.js
View File

@@ -1,4 +1,26 @@
let SM = { let SM = {
redirectIfSafe: (target) => {
if (typeof target !== 'string' || target === '') {
window.location.assign('/');
return;
}
let url;
try {
url = new URL(target, window.location.origin);
} catch (error) {
window.location.assign('/');
return;
}
if (url.origin !== window.location.origin) {
window.location.assign('/');
return;
}
window.location.assign(url.href);
},
alert: (title, text, type = 'info') =>{ alert: (title, text, type = 'info') =>{
const data = { const data = {
position: 'top-end', position: 'top-end',
@@ -84,7 +106,7 @@ let SM = {
axios.delete(url) axios.delete(url)
.then((response) => { .then((response) => {
if(response.data.success){ if(response.data.success){
window.location.href = response.data.redirect; SM.redirectIfSafe(response.data.redirect);
} }
}) })
.catch(() => { .catch(() => {