Jakach/jakach-login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding redirect warnings to external systems
Deploy / deploy (push) Successful in 33s
Details

Browse Source
This commit is contained in:
janis steiner
2026-05-07 22:37:44 +02:00
parent f9a814445b
commit f038581c34
5 changed files with 86 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app-code/api/utils/security.php
+19
View File
@@ -295,4 +295,23 @@ function append_auth_token_to_redirect(string $redirect, string $auth_token): st
return $redirect . $separator . 'auth=' . rawurlencode($auth_token);
}
function is_external_domain(string $url): ?string
{
if (!str_starts_with($url, 'http://') && !str_starts_with($url, 'https://')) {
return null;
}
$host = parse_url($url, PHP_URL_HOST);
if ($host === null || $host === '') {
return null;
}
$host = strtolower($host);
if ($host === 'auth.jakach.ch' || str_ends_with($host, '.jakach.ch')) {
return null;
}
return $host;
}
?>