From 905a9b08238ed7bc420e011b61fcf5f5565f9f2b Mon Sep 17 00:00:00 2001 From: Douglas Hall Date: Tue, 16 Oct 2018 15:39:10 -0400 Subject: [PATCH] Allow redirects to subdomains after login. --- lms/static/js/spec/student_account/access_spec.js | 10 ---------- lms/static/js/student_account/views/AccessView.js | 5 +---- 2 files changed, 1 insertion(+), 14 deletions(-) diff --git a/lms/static/js/spec/student_account/access_spec.js b/lms/static/js/spec/student_account/access_spec.js index afa139ac03..b592a79ade 100644 --- a/lms/static/js/spec/student_account/access_spec.js +++ b/lms/static/js/spec/student_account/access_spec.js @@ -217,16 +217,6 @@ expect(view.redirect).toHaveBeenCalledWith(FORWARD_URL); }); - it('ignores redirect to external URLs', function() { - ajaxSpyAndInitialize(this, 'register', 'http://www.example.com'); - - // Trigger auth complete - view.subview.register.trigger('auth-complete'); - - // Expect that we ignore the external URL and redirect to the dashboard - expect(view.redirect).toHaveBeenCalledWith('/dashboard'); - }); - it('hides create an account section', function() { ajaxSpyAndInitialize(this, 'login', '', '', false); diff --git a/lms/static/js/student_account/views/AccessView.js b/lms/static/js/student_account/views/AccessView.js index 45f385993b..db3ec5c9b3 100644 --- a/lms/static/js/student_account/views/AccessView.js +++ b/lms/static/js/student_account/views/AccessView.js @@ -56,10 +56,7 @@ this.accountActivationMessages = options.account_activation_messages || []; if (options.login_redirect_url) { - // Ensure that the next URL is internal for security reasons - if (! window.isExternal(options.login_redirect_url)) { - this.nextUrl = options.login_redirect_url; - } + this.nextUrl = options.login_redirect_url; } this.formDescriptions = {