You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There are cases where allowing the user to input a To URL without a leading slash produce weird redirects. See #4501 (comment)
Besides the case described in that comment, there are other that needs to be validated. For example when we redirect to external sites, this should allow a URL that starts with http for example.
I pushed a commit for one of these cases at f6fed2d but I also realize that we are using jQuery to dynamically change the inputs of the form. This is a problem when the form returned a validation error since it starts with the default state (no inputs at all) and a red error message which could confuse even more our users.
The text was updated successfully, but these errors were encountered:
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
There are cases where allowing the user to input a
To URL
without a leading slash produce weird redirects. See #4501 (comment)Besides the case described in that comment, there are other that needs to be validated. For example when we redirect to external sites, this should allow a URL that starts with
http
for example.I pushed a commit for one of these cases at f6fed2d but I also realize that we are using jQuery to dynamically change the inputs of the form. This is a problem when the form returned a validation error since it starts with the default state (no inputs at all) and a red error message which could confuse even more our users.
The text was updated successfully, but these errors were encountered: