Skip to content

fix(redirect): allow credentials for HTTPS redirects in different domains#10264

Open
Cheekie25 wants to merge 1 commit into
nextcloud:masterfrom
Cheekie25:https_redirect_different_domain
Open

fix(redirect): allow credentials for HTTPS redirects in different domains#10264
Cheekie25 wants to merge 1 commit into
nextcloud:masterfrom
Cheekie25:https_redirect_different_domain

Conversation

@Cheekie25

@Cheekie25 Cheekie25 commented Jun 26, 2026

Copy link
Copy Markdown

Resolves

10258

Summary

Thanks to this PR, it's now possible to redirect in different domains which is often the case with forward proxy.

Fixes: Regression from commit 585b6ca

Checklist

AI (if applicable)

…ains

This patch improves the redirect credential handling to support
legitimate SSO scenarios while maintaining security.

Assisted-by: ClaudeCode:claude-opus-4-8

Signed-off-by: cheekie <nico183@outlook.fr>
Comment on lines +649 to +651
if (const auto trustedRedirectHosts = settings.value(QLatin1String(trustedRedirectHostsC)).toStringList(); !trustedRedirectHosts.isEmpty()) {
acc->setTrustedRedirectHosts(trustedRedirectHosts);
}

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could you explain the reasoning behind this setting?

from what I can tell this list is never updated/set by the client itself, updating the trusted redirect hosts list would require manual modification of the config file while the client is stopped

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants