appsembler / edx-platform

Appsembler Tahoe fork of Open edX. Branches: `main` for Juniper and `hawthorn/main` for Hawthorn.
https://appsembler.com/products/tahoe/
GNU Affero General Public License v3.0

fix: sanitize redirect_url parameter for logout #1339

Closed amirtds closed 1 year ago

amirtds commented 1 year ago

Change description

Sanitizing redirect URL to prevent XSS vulnerability

Type of change

Checklists

Development

Security

Code review

github-actions[bot] commented 1 year ago

Checking git merge conflicts against https://github.com/edx/edx-platform.git

Comparing with open-release/nutmeg.master

Benchmark conflicts with main: 293
Current conflicts: 295
Summary: Adds 2 new conflicts. How can we do better?

New conflicting files with 'open-release/nutmeg.master':

```
openedx/core/djangoapps/user_authn/views/logout.py
```

Comparing with master

Benchmark conflicts with main: 301
Current conflicts: 303
Summary: Adds 2 new conflicts. How can we do better?

New conflicting files with 'master':

```
openedx/core/djangoapps/user_authn/views/logout.py
```

github-actions[bot] commented 1 year ago

Checking git merge conflicts against https://github.com/edx/edx-platform.git

Comparing with open-release/nutmeg.master

Benchmark conflicts with main: 293
Current conflicts: 297
Summary: Adds 4 new conflicts. How can we do better?

New conflicting files with 'open-release/nutmeg.master':

```
openedx/core/djangoapps/user_authn/views/logout.py
openedx/core/djangoapps/user_authn/views/tests/test_logout.py
```

Comparing with master

Benchmark conflicts with main: 301
Current conflicts: 305
Summary: Adds 4 new conflicts. How can we do better?

New conflicting files with 'master':

```
openedx/core/djangoapps/user_authn/views/logout.py
openedx/core/djangoapps/user_authn/views/tests/test_logout.py
```

github-actions[bot] commented 1 year ago

Checking git merge conflicts against https://github.com/edx/edx-platform.git

Comparing with open-release/nutmeg.master

Benchmark conflicts with main: 293
Current conflicts: 296
Summary: Adds 3 new conflicts. How can we do better?

New conflicting files with 'open-release/nutmeg.master':

```
openedx/core/djangoapps/user_authn/views/logout.py
openedx/core/djangoapps/user_authn/views/tests/test_logout.py
```

Comparing with master

Benchmark conflicts with main: 301
Current conflicts: 304
Summary: Adds 3 new conflicts. How can we do better?

New conflicting files with 'master':

```
openedx/core/djangoapps/user_authn/views/logout.py
openedx/core/djangoapps/user_authn/views/tests/test_logout.py
```

github-actions[bot] commented 1 year ago

Checking git merge conflicts against https://github.com/edx/edx-platform.git

Comparing with open-release/nutmeg.master

Benchmark conflicts with main: 293
Current conflicts: 296
Summary: Adds 3 new conflicts. How can we do better?

New conflicting files with 'open-release/nutmeg.master':

```
openedx/core/djangoapps/user_authn/views/logout.py
openedx/core/djangoapps/user_authn/views/tests/test_logout.py
```

Comparing with master

Benchmark conflicts with main: 301
Current conflicts: 304
Summary: Adds 3 new conflicts. How can we do better?

New conflicting files with 'master':

```
openedx/core/djangoapps/user_authn/views/logout.py
openedx/core/djangoapps/user_authn/views/tests/test_logout.py
```