In order to mitigate against the brute force attacks against Gitlab accounts, we are moving to all edu-ID Logins. We would like to remind you to link your account with your edu-id. Login will be possible only by edu-ID after November 30, 2021. Here you can find the instructions for linking your account.

If you don't have a SWITCH edu-ID, you can create one with this guide here

kind regards

Commit d7a065fa authored by haemmer's avatar haemmer
Browse files

Added a check in isVerifiedReturnURL

parent c96af4b1
......@@ -415,9 +415,9 @@ function isVerifiedReturnURL($entityID, $returnURL) {
return true;
}
if ($useACURLsForReturnParamCheck){
if ($useACURLsForReturnParamCheck && isset($SProviders[$entityID]['ACURL'])){
$returnURLHostName = getHostNameFromURI($returnURL);
foreach($SProviders[$entityID]['DSURL'] as $ACURL){
foreach($SProviders[$entityID]['ACURL'] as $ACURL){
if (getHostNameFromURI($ACURL) == $returnURLHostName){
return true;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment