From 88ef888752fb9b23d11ffd13d709a1bb3f495f4c Mon Sep 17 00:00:00 2001 From: Andy Voltz Date: Tue, 21 Jul 2020 11:38:13 -0400 Subject: [PATCH] Preserve query when building redirect (fix for #695) (#696) * Add test for GetRedirect to check query and fragments. * Preserve query and fragment when building redirect. * Add changelog entry for redirect fix --- CHANGELOG.md | 1 + oauthproxy.go | 3 ++- oauthproxy_test.go | 5 +++++ 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5f473fcd..fa317b23 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ ## Changes since v6.0.0 +- [#696](https://github.com/oauth2-proxy/oauth2-proxy/pull/696) Preserve query when building redirect - [#561](https://github.com/oauth2-proxy/oauth2-proxy/pull/561) Refactor provider URLs to package level vars (@JoelSpeed) - [#682](https://github.com/oauth2-proxy/oauth2-proxy/pull/682) Refactor persistent session store session ticket management (@NickMeves) - [#688](https://github.com/oauth2-proxy/oauth2-proxy/pull/688) Refactor session loading to make use of middleware pattern (@JoelSpeed) diff --git a/oauthproxy.go b/oauthproxy.go index a2053ad1..64df8eb1 100644 --- a/oauthproxy.go +++ b/oauthproxy.go @@ -454,7 +454,8 @@ func (p *OAuthProxy) GetRedirect(req *http.Request) (redirect string, err error) redirect = req.Form.Get("rd") } if !p.IsValidRedirect(redirect) { - redirect = req.URL.Path + // Use RequestURI to preserve ?query + redirect = req.URL.RequestURI() if strings.HasPrefix(redirect, p.ProxyPrefix) { redirect = "/" } diff --git a/oauthproxy_test.go b/oauthproxy_test.go index cb14c717..83425274 100644 --- a/oauthproxy_test.go +++ b/oauthproxy_test.go @@ -1678,6 +1678,11 @@ func TestGetRedirect(t *testing.T) { url: "/foo/bar", expectedRedirect: "/foo/bar", }, + { + name: "request with query preserves query", + url: "/foo?bar", + expectedRedirect: "/foo?bar", + }, { name: "request under ProxyPrefix redirects to root", url: proxy.ProxyPrefix + "/foo/bar",