From ed041f8b5df58c4e612a0d0cbb920dc0b399b921 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Sun, 10 May 2020 20:00:49 +0200
Subject: [PATCH 3/3] Backport of Fix open redirect starting with a slash
---
src/mod_auth_openidc.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/mod_auth_openidc.c b/src/mod_auth_openidc.c
index e86c61e..3c6efb4 100644
--- a/src/mod_auth_openidc.c
+++ b/src/mod_auth_openidc.c
@@ -2604,6 +2604,14 @@ static apr_byte_t oidc_validate_post_logout_url(request_rec *r, const char *url,
url);
oidc_error(r, "%s: %s", *err_str, *err_desc);
return FALSE;
+ } else if ((uri.hostname == NULL) && (strstr(url, "//") == url)) {
+ *err_str = apr_pstrdup(r->pool, "Malformed URL");
+ *err_desc =
+ apr_psprintf(r->pool,
+ "No hostname was parsed and starting with '//': %s",
+ url);
+ oidc_error(r, "%s: %s", *err_str, *err_desc);
+ return FALSE;
}
return TRUE;
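Review bot: The added guard only rejects a scheme-relative URL spelled with two forward slashes, so a value such as `/\evil.example` still reaches `return TRUE` while common browsers normalize the backslash to a slash and treat it as `//evil.example`; the `uri.hostname == NULL` half of the test does not help here because APR will not parse a host out of that form either. Widening the prefix test closes that variant: `} else if ((uri.hostname == NULL) && ((strstr(url, "//") == url) || (strstr(url, "/\\") == url))) {`, with the error description updated to mention both spellings. Since `url` is compared at offset 0 only, `strncmp(url, "//", 2) == 0` would also state the intent more directly than `strstr(...) == url`, though the behaviour is the same. The body of `oidc_validate_post_logout_url` begins and its closing brace lies outside this hunk, so any earlier normalisation of `url` that might already cover these cases is not visible here.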
--
2.21.3