authorchromium1337 <CurseRed@Gmail.com>2018-08-06 17:10:16 +0800
committer无闻 <u@gogs.io>2018-08-06 17:10:16 +0800
commit1f247cf8139cb483276cd8dd06385a800ce9d4b2 (patch)
tree99ccb13dd19f405e226059e328e224b2e8cd5f93 /routes/user/auth.go
parentc9bb33afc3ae35db21b26fd914bd80ca277a4e0d (diff)
routes: fix open redirect vulnerability #5364 (#5365)
Diffstat (limited to 'routes/user/auth.go')
-rw-r--r--routes/user/auth.go4
1 files changed, 2 insertions, 2 deletions
diff --git a/routes/user/auth.go b/routes/user/auth.go
index 16e8bd2d..76e51c36 100644
--- a/routes/user/auth.go
+++ b/routes/user/auth.go
@@ -73,10 +73,10 @@ func AutoLogin(c *context.Context) (bool, error) {
}
// isValidRedirect returns false if the URL does not redirect to same site.
-// False: //url, http://url
+// False: //url, http://url, /\url
// True: /url
func isValidRedirect(url string) bool {
- return len(url) >= 2 && url[0] == '/' && url[1] != '/'
+ return len(url) >= 2 && url[0] == '/' && url[1] != '/' && url[1] != '\\'
}
func Login(c *context.Context) {
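Review bot: The updated `// False:` comment on isValidRedirect lists `/\url` as rejected but does not say why, so a later maintainer could read the added `url[1] != '\\'` as redundant with the `'/'` test and drop it; I would extend the doc comment with `// A leading "/\" is rejected too: browsers normalise backslash to slash, so it would be treated as a protocol-relative URL.` The `len(url) >= 2` test also rejects a bare `/`, so a redirect to the site root fails this check; whether that is intended cannot be seen from the hunk, and the comment should state it either way. As a point of style, the parameter name `url` would shadow the `net/url` package if this file imports it (not visible here); renaming it, e.g. `func isValidRedirect(target string) bool`, avoids that without changing callers.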