Merge lp:~canonical-isd-hackers/canonical-identity-provider/logout-returnto-referer-matching-fix into lp:canonical-identity-provider/release
Proposed by
Stuart Metcalfe
Status: | Merged | ||||
---|---|---|---|---|---|
Approved by: | David Owen | ||||
Approved revision: | no longer in the source branch. | ||||
Merged at revision: | 118 | ||||
Proposed branch: | lp:~canonical-isd-hackers/canonical-identity-provider/logout-returnto-referer-matching-fix | ||||
Merge into: | lp:canonical-identity-provider/release | ||||
Diff against target: |
72 lines (+36/-10) 2 files modified
identityprovider/tests/test_views_ui_logout.py (+30/-2) identityprovider/views/ui.py (+6/-8) |
||||
To merge this branch: | bzr merge lp:~canonical-isd-hackers/canonical-identity-provider/logout-returnto-referer-matching-fix | ||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
David Owen (community) | Approve | ||
Review via email: mp+40991@code.launchpad.net |
Commit message
Fixed issue where logout return_to argument was looking for matches to the http referer
Description of the change
This branch fixes an issue where the HTTP Referer had to exactly match the trust root in order to accept the return URL. It now matches any URL beneath the trust root.
To post a comment you must log in.