commit 6fbd0b758dcac71323f3be179b1a9d1c17a4acc5
Author: Sean Mooney <email address hidden>
Date: Mon Aug 23 15:37:48 2021 +0100
address open redirect with 3 forward slashes
Ie36401c782f023d1d5f2623732619105dc2cfa24 was intended
to address OSSA-2021-002 (CVE-2021-3654) however after its
release it was discovered that the fix only worked
for urls with 2 leading slashes or more then 4.
This change adresses the missing edgecase for 3 leading slashes
and also maintian support for rejecting 2+.
Reviewed: https:/ /review. opendev. org/c/openstack /nova/+ /805654 /opendev. org/openstack/ nova/commit/ 6fbd0b758dcac71 323f3be179b1a9d 1c17a4acc5
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 6fbd0b758dcac71 323f3be179b1a9d 1c17a4acc5
Author: Sean Mooney <email address hidden>
Date: Mon Aug 23 15:37:48 2021 +0100
address open redirect with 3 forward slashes
Ie36401c782 f023d1d5f262373 2619105dc2cfa24 was intended
to address OSSA-2021-002 (CVE-2021-3654) however after its
release it was discovered that the fix only worked
for urls with 2 leading slashes or more then 4.
This change adresses the missing edgecase for 3 leading slashes
and also maintian support for rejecting 2+.
Change-Id: I95f68be76330ff 09e5eabb5ef8dd9 a18f5547866
co-authored-by: Matteo Pozza
Closes-Bug: #1927677