@@ -727,6 +727,8 @@ if not errors:
727727 request.session[' samlUserdata' ] = auth.get_attributes()
728728 if ' RelayState' in req[' post_data' ] and
729729 OneLogin_Saml2_Utils.get_self_url(req) != req[' post_data' ][' RelayState' ]:
730+ # To avoid 'Open Redirect' attacks, before execute the redirection confirm
731+ # the value of the req['post_data']['RelayState'] is a trusted URL.
730732 auth.redirect_to(req[' post_data' ][' RelayState' ])
731733 else :
732734 for attr_name in request.session[' samlUserdata' ].keys():
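Review bot: The new comment tells the reader to confirm `req['post_data']['RelayState']` is a trusted URL before redirecting, but no check is added and the next line, `auth.redirect_to(req['post_data']['RelayState'])`, still redirects to whatever value the POST carried, so the open redirect the comment describes remains. The same holds for the `redirect(url)` after `process_slo` in the second hunk and for both Flask hunks (`redirect(auth.redirect_to(request.form['RelayState']))` and `redirect(url)`). A comment does not mitigate this; a minimal guard is to parse the target and fall back to the application's own URL when the host is not the expected one, e.g. `target = req['post_data']['RelayState']` / `if urlparse(target).netloc not in ('', EXPECTED_HOST): target = OneLogin_Saml2_Utils.get_self_url(req)` with `EXPECTED_HOST` a placeholder for the deployment's host or allowlist, then redirect to `target`. If the code is intentionally left as a demo, the comment should say so explicitly rather than implying a check exists. The enclosing functions start and end outside all four hunks.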
@@ -789,6 +791,8 @@ url = auth.process_slo(delete_session_cb=delete_session_callback)
789791errors = auth.get_errors()
790792if len (errors) == 0 :
791793 if url is not None :
794+ # To avoid 'Open Redirect' attacks, before execute the redirection confirm
795+ # the value of the url is a trusted URL.
792796 return redirect(url)
793797 else :
794798 print (" Sucessfully Logged out" )
@@ -916,6 +920,8 @@ elif 'acs' in request.args: # Assertion Consumer Service
916920 request.session[' samlSessionIndex' ] = auth.get_session_index()
917921 self_url = OneLogin_Saml2_Utils.get_self_url(req)
918922 if ' RelayState' in request.form and self_url != request.form[' RelayState' ]:
923+ # To avoid 'Open Redirect' attacks, before execute the redirection confirm
924+ # the value of the request.form['RelayState'] is a trusted URL.
919925 return redirect(auth.redirect_to(request.form[' RelayState' ])) # Redirect if there is a relayState
920926 else : # If there is user data we save that to print it later.
921927 msg = ' '
@@ -927,6 +933,8 @@ elif 'sls' in request.args: # Single
927933 errors = auth.get_errors() # Retrieves possible validation errors
928934 if len (errors) == 0 :
929935 if url is not None :
936+ # To avoid 'Open Redirect' attacks, before execute the redirection confirm
937+ # the value of the url is a trusted URL.
930938 return redirect(url)
931939 else :
932940 msg = " Sucessfully logged out"