API: Fix missing wildcards after login redirect (#4348)
This PR fixes an issue where the `scopes` parameter would see its wildmark characters (*) removed during the login page redirection, after that a call to `/authorize_token` was made while the user was not logged in. Closes issue 4200
This commit is contained in:
commit
c85b908613
1 changed files with 1 additions and 1 deletions
|
@ -262,7 +262,7 @@ def get_referer(env, fallback = "/", unroll = true)
|
|||
end
|
||||
|
||||
referer = referer.request_target
|
||||
referer = "/" + referer.gsub(/[^\/?@&%=\-_.:,0-9a-zA-Z]/, "").lstrip("/\\")
|
||||
referer = "/" + referer.gsub(/[^\/?@&%=\-_.:,*0-9a-zA-Z]/, "").lstrip("/\\")
|
||||
|
||||
if referer == env.request.path
|
||||
referer = fallback
|
||||
|
|
Loading…
Reference in a new issue