tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'security/patch/3.1/ss-2016-001' into 3.1.19

Browse Source
This commit is contained in:
Daniel Hensby 2016-05-05 01:01:27 +01:00
commit 09370290dc
No known key found for this signature in database
GPG Key ID: E38EC566FE29EB66
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
security/CMSSecurity.php
View File

@ -186,9 +186,16 @@ PHP
// Get redirect url
$controller = $this->getResponseController(_t('CMSSecurity.SUCCESS', 'Success'));
$backURL = $this->request->requestVar('BackURL')
?: Session::get('BackURL')
?: Director::absoluteURL(AdminRootController::config()->url_base, true);
$backURLs = array(
$this->getRequest()->requestVar('BackURL'),
Session::get('BackURL'),
Director::absoluteURL(AdminRootController::config()->url_base, true),
);
foreach ($backURLs as $backURL) {
if ($backURL && Director::is_site_url($backURL)) {
break;
}
}
// Show login
$controller = $controller->customise(array(