From bd7d1e2f169d6cdfecd952a1d3ed55d0f49f4104 Mon Sep 17 00:00:00 2001
From: Unknwon
Date: Fri, 28 Sep 2018 23:19:08 -0400
Subject: routes: fix open redirect vulnerability (#5355)
Reported by @cezar97.
---
 routes/repo/repo.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'routes/repo/repo.go')
diff --git a/routes/repo/repo.go b/routes/repo/repo.go
index 26ebeca0..00dbc2f8 100644
--- a/routes/repo/repo.go
+++ b/routes/repo/repo.go
@@ -242,7 +242,7 @@ func Action(c *context.Context) {
 err = models.StarRepo(c.User.ID, c.Repo.Repository.ID, false)
 case "desc": // FIXME: this is not used
 if !c.Repo.IsOwner() {
- c.Error(404)
+ c.NotFound()
 return
 }
@@ -252,12 +252,12 @@ func Action(c *context.Context) {
 }
 if err != nil {
- c.Handle(500, fmt.Sprintf("Action (%s)", c.Params(":action")), err)
+ c.ServerError(fmt.Sprintf("Action (%s)", c.Params(":action")), err)
 return
 }
 redirectTo := c.Query("redirect_to")
- if len(redirectTo) == 0 {
+ if !tool.IsSameSiteURLPath(redirectTo) {
 redirectTo = c.Repo.RepoLink
 }
 c.Redirect(redirectTo)
--
cgit v1.2.3
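Review bot: The open-redirect guard in the second hunk depends entirely on `tool.IsSameSiteURLPath(redirectTo)`, whose body is not shown in this diff and which arrives here without a test. It is worth confirming, ideally with a table test, that the helper rejects values beginning with `//` or `/\` as well as absolute URLs, since browsers resolve those to another host. It must also return false for the empty string, because the old `len(redirectTo) == 0` fallback is gone. A short comment above the check would record the intent, e.g. `// redirect_to is user-controlled: follow it only when it is a same-site path, otherwise fall back to the repo page.` `Action` starts and ends outside both hunks, and any other handlers that read `redirect_to` are not visible here and may need the same guard.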