matrix
/
hydrogen-web
mirror of https://github.com/vector-im/hydrogen-web.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
hydrogen-web/src/matrix/login
History
Paulo Pinto ad02c1625f Encode SSO redirect URL as it may contain multiple query parameters 
If the returnURL contains multiple query parameters (e.g. http://localhost:3000?foo=bar&bar=baz), the homeserver would fail to correctly parse the URL, and only the first query parameter would be kept.

This is not an issue with the homeserver since the URL cannot be parsed in an unambiguous way, as the resulting URL would be:

https://example.com/_matrix/client/r0/login/sso/redirect?redirectUrl=http://localhost:3000?foo=bar&bar=baz

It's not possible to know whether the bar parameter is part of the "parent" URL, or part of the redirectUrl parameter.

----

To fix this, we now encode the redirectUrl parameter, which results in:

https://example.com/_matrix/client/r0/login/sso/redirect?redirectUrl=http%3A%2F%2Flocalhost%3A3000%2Fparent.html%3Ffoo%3Dbar%26bar%3Dbaz

This URL is correctly parsed by synapse.
 		2022-10-27 15:42:24 +01:00
..
LoginMethod.ts Change return type 2021-11-25 12:33:12 +05:30
PasswordLoginMethod.ts Change return type 2021-11-25 12:33:12 +05:30
SSOLoginHelper.ts Encode SSO redirect URL as it may contain multiple query parameters 2022-10-27 15:42:24 +01:00
TokenLoginMethod.ts Change return type 2021-11-25 12:33:12 +05:30
index.ts updates some signatures to be more verbose, fixes wrong type for attemptLogin 2022-07-27 22:09:30 -07:00