From c8ac9827ded7e20995c6e8daab414b0022af7e9a Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Tue, 14 Dec 2010 08:36:14 +0000
Subject: [PATCH] Utilities::redirect: Verify target URL type.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2684 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/Utilities.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php
index 46a0ea887..19bbfbd40 100644
--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -473,6 +473,11 @@ class SimpleSAML_Utilities {
 			$url = self::selfURLhost() . $url;
 		}
 
+		/* Verify that the URL is to a http or https site. */
+		if (!preg_match('@^https?://@i', $url)) {
+			throw new SimpleSAML_Error_Exception('Redirect to invalid URL: ' . $url);
+		}
+
 		/* Determine which prefix we should put before the first
 		 * parameter.
 		 */
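Review bot: The added check constrains only the scheme, so any http or https host still passes; if callers hand redirect() a request-supplied value (not visible in this hunk), the function can still send users to an arbitrary external site, and the comment should say so, e.g. `/* Scheme check only: rejects non-http(s) targets; the destination host is not validated here. */`. The pattern also anchors just the prefix, so the rest of `$url`, including whitespace or control characters, is unconstrained before it reaches whatever emits the redirect later in the function, presumably a Location header. Separately, the exception message concatenates the rejected `$url` verbatim, so any error page or log that renders the message has to escape it; a fixed message such as `throw new SimpleSAML_Error_Exception('Redirect to invalid URL.');` with the URL recorded separately would not depend on that. The body of redirect() (named in the commit subject) starts and ends outside the hunk.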
-- 
GitLab