From 0dcaa6e15062cdc3252ce52abd9057caf4c00a30 Mon Sep 17 00:00:00 2001
From: Bill Church
Date: Fri, 20 May 2022 15:05:29 -0400
Subject: [PATCH] feat!: validate referer to /reauth is valid
---
 app/server/routes.js | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/app/server/routes.js b/app/server/routes.js
index 5326ae7..cc75e1f 100644
--- a/app/server/routes.js
+++ b/app/server/routes.js
@@ -10,11 +10,15 @@ const { parseBool } = require('./util');
 const config = require('./config');
 exports.reauth = function reauth(req, res) {
- const r = req.headers.referer || '/';
+ let { referer } = req.headers;
+ console.log(`referer: ${referer}`);
+ if (!validator.isURL(referer, { host_whitelist: ['localhost'] })) referer = '/';
+ console.log(`referer: ${referer}`);
+
 res
 .status(401)
 .send(
- ``
+ ``
 );
 };
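Review bot: `validator.isURL(referer, …)` is called on `req.headers.referer` with no default, and validator's string functions throw a `TypeError` on non-string input, so a request to `/reauth` without a Referer header will now raise instead of returning the 401 page that the removed `|| '/'` fallback guaranteed. Guard the type first and tighten the options so only an absolute http(s) URL passes: `if (typeof referer !== 'string' || !validator.isURL(referer, { host_whitelist: ['localhost'], protocols: ['http', 'https'], require_protocol: true })) referer = '/';`. The allowlist is hardcoded to `localhost`, so any deployment reached under another hostname will always fall back to `/`; it would be better read from the already-imported `config`. The two `console.log` calls write a client-controlled header to the log and look like leftover debugging, so they should be removed. The template literal's contents are not visible in this hunk; if `referer` is interpolated into HTML there, note that `isURL` is a format check and does not replace attribute encoding at output.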