Reviewed: https://review.openstack.org/180343 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=b48c820e3015a0d6264df6a0a87bf1a3dbea61c4 Submitter: Jenkins Branch: master
commit b48c820e3015a0d6264df6a0a87bf1a3dbea61c4 Author: Lin Hua Cheng <email address hidden> Date: Tue May 5 22:33:24 2015 +0000
Revert "Loosen validation on matching trusted dashboard"
Loosening the validation introduce a security hole for unvalidated redirect.
For example: redirect_url=http://dashboard/sso?next=http://hacksite
This reverts commit fb6920e5fe1fef2fa32afe602d2bf93f18d48a3f.
Change-Id: I7e85b2b879f4c66c3664e8610d3ddbb999a5ac75 Closes-Bug: #1440958
Reviewed: https:/ /review. openstack. org/180343 /git.openstack. org/cgit/ openstack/ keystone/ commit/ ?id=b48c820e301 5a0d6264df6a0a8 7bf1a3dbea61c4
Committed: https:/
Submitter: Jenkins
Branch: master
commit b48c820e3015a0d 6264df6a0a87bf1 a3dbea61c4
Author: Lin Hua Cheng <email address hidden>
Date: Tue May 5 22:33:24 2015 +0000
Revert "Loosen validation on matching trusted dashboard"
Loosening the validation introduce a security hole for unvalidated redirect.
For example: redirect_url=http:// dashboard/ sso?next= http:// hacksite
This reverts commit fb6920e5fe1fef2 fa32afe602d2bf9 3f18d48a3f.
Change-Id: I7e85b2b879f4c6 6c3664e8610d3dd bb999a5ac75
Closes-Bug: #1440958