Preserve query when building redirect (fix for #695) (#696)

* Add test for GetRedirect to check query and fragments. * Preserve query and fragment when building redirect. * Add changelog entry for redirect fix
2025-03-21 21:47:11 +02:00 · 2020-07-21 11:38:13 -04:00 · 2020-07-21 11:38:13 -04:00 · 88ef888752
commit 88ef888752
parent c5da3dff9c
3 changed files with 8 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -11,6 +11,7 @@

 ## Changes since v6.0.0

+- [#696](https://github.com/oauth2-proxy/oauth2-proxy/pull/696) Preserve query when building redirect
 - [#561](https://github.com/oauth2-proxy/oauth2-proxy/pull/561) Refactor provider URLs to package level vars (@JoelSpeed)
 - [#682](https://github.com/oauth2-proxy/oauth2-proxy/pull/682) Refactor persistent session store session ticket management (@NickMeves)
 - [#688](https://github.com/oauth2-proxy/oauth2-proxy/pull/688) Refactor session loading to make use of middleware pattern (@JoelSpeed)
--- a/oauthproxy.go
+++ b/oauthproxy.go
@ -454,7 +454,8 @@ func (p *OAuthProxy) GetRedirect(req *http.Request) (redirect string, err error)
 		redirect = req.Form.Get("rd")
 	}
 	if !p.IsValidRedirect(redirect) {
-		redirect = req.URL.Path
+		// Use RequestURI to preserve ?query
+		redirect = req.URL.RequestURI()
 		if strings.HasPrefix(redirect, p.ProxyPrefix) {
 			redirect = "/"
 		}
--- a/oauthproxy_test.go
+++ b/oauthproxy_test.go
@ -1678,6 +1678,11 @@ func TestGetRedirect(t *testing.T) {
 			url:              "/foo/bar",
 			expectedRedirect: "/foo/bar",
 		},
+		{
+			name:             "request with query preserves query",
+			url:              "/foo?bar",
+			expectedRedirect: "/foo?bar",
+		},
 		{
 			name:             "request under ProxyPrefix redirects to root",
 			url:              proxy.ProxyPrefix + "/foo/bar",