Merge pull request #905 from intuitem/hotfix/open-redirect

Mitigate open redirect
intuitem · Oct 8, 2024 · 6550815 · 6550815
2 parents 6034e60 + 7b80cff
commit 6550815
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/frontend/src/lib/utils/helpers.ts b/frontend/src/lib/utils/helpers.ts
@@ -60,7 +60,7 @@ export function formatScoreValue(value: number, max_score: number, fullDonut = f
 }
 
 export function getSecureRedirect(url: any): string {
-	const SECURE_REDIRECT_URL_REGEX = /^\/[^/]/;
+	const SECURE_REDIRECT_URL_REGEX = /^\/\w+/;
 	return typeof url === 'string' && SECURE_REDIRECT_URL_REGEX.test(url) ? url : '';
 }