modules/viewvc/files/setcookieredirect.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

<!DOCTYPE html>
<html>
    <head>
        <title>User check</title>
        <script type="text/javascript" defer>
            const randomValue = Math.random().toString(36).substring(2);
            document.cookie = `session=${randomValue}; path=/; expires=${new Date(Date.now() + 24*3600*1000).toUTCString()}`;
            const params = new Proxy(new URLSearchParams(window.location.search), {
              get: (searchParams, prop) => searchParams.get(prop),
            });
            let url = params.to;
            // Sanitize redirect path to avoid malicious arbitrary redirects
            if (/^\/[-a-zA-Z0-9~_.?&=/+]*$/.test(url)) {
                window.location.href = url;
            } else {
                window.onload = function() {
                    document.getElementById('error').innerHTML = 'Error! Bad redirect location!';
                }
            }
        </script>
    </head>
    <body>
        Redirecting back...
        <br>
        <p id="error"><!-- space for error message --></p>
    </body>
</html>