fix:redirect host not match domain

jordemort · Aug 31, 2023 · 0e5372e · 0e5372e
1 parent d972a18
commit 0e5372e
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/internal/auth.go b/internal/auth.go
@@ -140,7 +140,7 @@ func ValidateRedirect(r *http.Request, redirect string) (*url.URL, error) {
 	if use, base := useAuthDomain(r); use {
 		// If we are using an auth domain, they redirect must share a common
 		// suffix with the requested redirect
-		if !strings.HasSuffix(redirectURL.Host, base) {
+		if !strings.HasSuffix(strings.Split(redirectURL.Host, ":")[0], base) {
 			return nil, errors.New("Redirect host does not match any expected hosts (should match cookie domain when using auth host)")
 		}
 	} else {