mirror of
https://github.com/azukaar/Cosmos-Server.git
synced 2025-12-31 17:29:53 -06:00
* Mitigate open redirect vulnerability in login page

  Current implementation won't allow full url redirection within local origin, and will allow open redirection with href like "//google.com". Comparing redirect url's origin with current origin will ensure the two share the same protocol, hostname, and port.

* Update .clabot

  Add catmandx to list of contributors for creating pull request
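The origin comparison described in the commit message, as an added example that is not part of the commit or of Cosmos-Server's code. The function names, the `cosmos.example` origin and the prefix-only check (one assumed shape of a check that behaves as the message describes) are hypothetical.

```javascript
// Added example: names and sample values are constructed for illustration.

// Assumed prefix-only check: accepts any target that starts with "/".
// It rejects full same-origin URLs and accepts "//google.com".
function prefixOnlyCheck(target) {
  return typeof target === "string" && target.startsWith("/");
}

// Resolve the target against the current origin, then require the same
// protocol, hostname and port (URL.origin combines all three).
function isSameOriginRedirect(target, currentOrigin) {
  if (typeof target !== "string" || target === "") return false;
  let resolved;
  try {
    resolved = new URL(target, currentOrigin);
  } catch (e) {
    return false; // unparsable target: refuse the redirect
  }
  return resolved.origin === new URL(currentOrigin).origin;
}

// Return a path on the current origin, or a fixed fallback when the
// target would leave it.
function safeRedirectTarget(target, currentOrigin, fallback = "/") {
  if (!isSameOriginRedirect(target, currentOrigin)) return fallback;
  const u = new URL(target, currentOrigin);
  return u.pathname + u.search + u.hash;
}

const ORIGIN = "https://cosmos.example:8443"; // constructed sample origin
const SAMPLES = [
  "/ui/home",                                 // relative path
  "https://cosmos.example:8443/ui/home?x=1",  // full URL, same origin
  "//google.com",                             // protocol-relative, other host
  "http://cosmos.example:8443/ui/home",       // different protocol
  "https://cosmos.example:9000/ui/home",      // different port
];

// Compare both checks over the constructed samples.
function evaluate() {
  return SAMPLES.map((target) => ({
    target,
    prefixOnly: prefixOnlyCheck(target),
    sameOrigin: isSameOriginRedirect(target, ORIGIN),
  }));
}

console.table(evaluate());
```

The check is only effective if the value actually handed to the browser is the validated one, which is why `safeRedirectTarget` returns a rebuilt path rather than the raw input.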