ZF-Commons / ZfcUser

A generic user registration and authentication module for ZF2. Supports Zend\Db and Doctrine2. (Formerly EdpUser)
BSD 3-Clause "New" or "Revised" License

Update RedirectCallback.php #659

Closed ivok closed 7 years ago

ivok commented 7 years ago

When passing a redirect param for a child route, e.g. "home/about", it has to be decoded from "%2Fhome%2Fabout" to the clean string "home/about", because routeExists() always returns false.

I also added functionality to pass not only a named route as the redirect parameter but also a specific URI. Until now it was not possible to set the redirect to some dynamically generated URL, because the getRedirect() method tries to assemble the route by its name.

Now, besides named routes, matched URLs can also be passed as the redirect param. Also added a urlExists() method to validate that the passed URL is matched by the router.

stijnhau commented 7 years ago

@ivok Why is it closed? Did you find a configuration setting for this? Did another PR fix this problem, ...?

ivok commented 7 years ago

It is closed because the implementation that I made actually breaks some concepts about security, like passing a redirect URI to a query param. I think that the concept of this module is based on those rules and maybe it has to be as it is - to accept only named routes.

Even so, I made this for my own purpose and you can fork or use my repo. Ultimately I made validation of the passed URI, as the router tries to match the URL. I think this prevents unwanted behaviour.

If someone thinks that this is not the proper way, let me know.
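
The kind of check discussed in this thread, as an added example that is not code from the pull request or from ZfcUser: the redirect parameter is decoded once and accepted only if it is a known route name or a local path the router matches. `resolveRedirect`, `$routeNames` and `$urlExists` are hypothetical stand-ins for the module's router lookups, and the sample values are constructed.

```php
<?php
declare(strict_types=1);

/**
 * Added example, not ZfcUser code. $routeNames and $urlExists are hypothetical
 * stand-ins for the router lookups (routeExists()/urlExists() in the thread).
 * Returns ['type' => 'route'|'url', 'target' => string], or null when rejected.
 */
function resolveRedirect(string $raw, array $routeNames, callable $urlExists): ?array
{
    // Decode exactly once: "home%2Fabout" becomes the route name "home/about".
    $value = rawurldecode($raw);

    // Reject control characters, backslashes and anything still percent-encoded
    // after one decode (double encoding), where router and browser may disagree.
    if ($value === '' || preg_match('/[\x00-\x1F\x7F\\\\]|%[0-9A-Fa-f]{2}/', $value)) {
        return null;
    }

    // Named routes are the safest target: the application assembles the URL itself.
    if (in_array($value, $routeNames, true)) {
        return ['type' => 'route', 'target' => $value];
    }

    // Otherwise accept only a local absolute path: one leading "/", never "//host".
    if ($value[0] !== '/' || ($value[1] ?? '') === '/') {
        return null;
    }
    $parts = parse_url($value);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])
        || !isset($parts['path'])) {
        return null;
    }

    // The path, without query string, must be one the router actually matches.
    return $urlExists($parts['path']) ? ['type' => 'url', 'target' => $value] : null;
}

// Constructed sample data: route names and paths a router might know.
$routes  = ['home', 'home/about', 'zfcuser/login'];
$matcher = fn (string $path): bool => in_array($path, ['/', '/about', '/user'], true);

$samples = ['home%2Fabout', '%2Fabout%3Ftab%3D1', '%2F%2Fevil.example%2Fx',
            'https%3A%2F%2Fevil.example', '%252Fabout'];
foreach ($samples as $raw) {
    $r = resolveRedirect($raw, $routes, $matcher);
    printf("%-28s => %s\n", $raw, $r ? $r['type'] . ':' . $r['target'] : 'rejected');
}
```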