We are moving to Git Issues for bug tracking in future releases. During transition, content will be in both tools. If you'd like to file a new bug, please create an issue.

Bug 7959 - login source parameter should remain within OJS context
login source parameter should remain within OJS context
Status: NEW
Product: OJS
Classification: Unclassified
Component: Framework
All All
: P3 normal
Assigned To: PKP Support
Depends on:
  Show dependency treegraph
Reported: 2012-10-10 06:28 PDT by Jason Nugent
Modified: 2012-10-10 06:28 PDT (History)
0 users

See Also:
Version Reported In:
Also Affects:


Note You need to log in before you can comment on or make changes to this bug.
Description Jason Nugent 2012-10-10 06:28:57 PDT
It is currently possible to pass a fully qualified URL as the 'source' parameter, to be performed as a redirect once login occurs.  This parameter should be sanitized to only allow redirection to pages or components within the OJS installation.