authorUnknwon <u@gogs.io>2018-09-28 23:19:08 -0400
committerUnknwon <u@gogs.io>2018-09-28 23:19:29 -0400
commitbd7d1e2f169d6cdfecd952a1d3ed55d0f49f4104 (patch)
treec6c0b5db2afb16081f3aecc8f441f7618f824a91 /routes/repo/repo.go
parentaff0bbcc325d9564fcd2b08c2fd52281f0dfc486 (diff)
routes: fix open redirect vulnerability (#5355)
Reported by @cezar97.
Diffstat (limited to 'routes/repo/repo.go')
-rw-r--r--routes/repo/repo.go6
1 files changed, 3 insertions, 3 deletions
diff --git a/routes/repo/repo.go b/routes/repo/repo.go
index 26ebeca0..00dbc2f8 100644
--- a/routes/repo/repo.go
+++ b/routes/repo/repo.go
@@ -242,7 +242,7 @@ func Action(c *context.Context) {
err = models.StarRepo(c.User.ID, c.Repo.Repository.ID, false)
case "desc": // FIXME: this is not used
if !c.Repo.IsOwner() {
- c.Error(404)
+ c.NotFound()
return
}
@@ -252,12 +252,12 @@ func Action(c *context.Context) {
}
if err != nil {
- c.Handle(500, fmt.Sprintf("Action (%s)", c.Params(":action")), err)
+ c.ServerError(fmt.Sprintf("Action (%s)", c.Params(":action")), err)
return
}
redirectTo := c.Query("redirect_to")
- if len(redirectTo) == 0 {
+ if !tool.IsSameSiteURLPath(redirectTo) {
redirectTo = c.Repo.RepoLink
}
c.Redirect(redirectTo)
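Review bot: The `c.Redirect(redirectTo)` call is now only as safe as `tool.IsSameSiteURLPath`, whose body is not part of this diff, so the fix cannot be verified from the hunk alone. It is worth confirming, ideally with a table-driven test next to the helper, that it accepts only values beginning with a single `/` and rejects the empty string, absolute URLs, scheme-relative `//host` values and backslash forms such as `/\host`, which browsers may resolve off-site. A short comment above the check, for example `// Follow redirect_to only when it is a local path; otherwise fall back to the repository page.`, would discourage a later edit from relaxing it back to an emptiness test. The diffstat is limited to this file, so other handlers that read `redirect_to` should be checked for the same guard. Action begins before this hunk.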