Skip to content
This repository was archived by the owner on Apr 12, 2023. It is now read-only.
This repository was archived by the owner on Apr 12, 2023. It is now read-only.

Add protections for open redirects #3

@tommyschaefer

Description

Currently the proceed_to URL has no verification on it. This means that someone could accidentally use a proceed_to URL that's external to the Rails app. This presents a security risk because identity information would be available through the request parameters.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancement 🎉A new feature or an improvement on an existing one

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions