steve
/
sunrise-cms
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

use a set

deepsource-autofix-76c6eb20
Dan Gowans 2022-09-09 13:36:49 -04:00
parent 4c202e69f1
commit 7eac5a1ba0
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
routes/login.js
View File

@ -3,7 +3,7 @@ import * as configFunctions from "../helpers/functions.config.js";
import * as authenticationFunctions from "../helpers/functions.authentication.js";
import { useTestDatabases } from "../data/databasePaths.js";
export const router = Router();
const safeRedirects = [
const safeRedirects = new Set([
"/admin/fees",
"/admin/occupancytypes",
"/admin/tables",
@ -16,14 +16,14 @@ const safeRedirects = [
"/workorders",
"/workorders/new",
"/reports"
];
]);
const getSafeRedirectURL = (possibleRedirectURL = "") => {
const urlPrefix = configFunctions.getProperty("reverseProxy.urlPrefix");
if (typeof possibleRedirectURL === "string") {
const urlToCheck = (possibleRedirectURL.startsWith(urlPrefix)
? possibleRedirectURL.slice(urlPrefix.length)
: possibleRedirectURL).toLowerCase();
if (safeRedirects.includes(urlToCheck) ||
if (safeRedirects.has(urlToCheck) ||
/^(\/maps\/)\d+(\/edit)?$/.test(urlToCheck) ||
/^(\/lots\/)\d+(\/edit)?$/.test(urlToCheck) ||
/^(\/lotoccupancies\/)\d+(\/edit)?$/.test(urlToCheck) ||

6
routes/login.ts
View File

@ -10,7 +10,7 @@ import type * as recordTypes from "../types/recordTypes";
export const router = Router();
const safeRedirects = [
const safeRedirects = new Set([
"/admin/fees",
"/admin/occupancytypes",
"/admin/tables",
@ -23,7 +23,7 @@ const safeRedirects = [
"/workorders",
"/workorders/new",
"/reports"
];
]);
const getSafeRedirectURL = (possibleRedirectURL = "") => {
const urlPrefix = configFunctions.getProperty("reverseProxy.urlPrefix");
@ -36,7 +36,7 @@ const getSafeRedirectURL = (possibleRedirectURL = "") => {
).toLowerCase();
if (
safeRedirects.includes(urlToCheck) ||
safeRedirects.has(urlToCheck) ||
/^(\/maps\/)\d+(\/edit)?$/.test(urlToCheck) ||
/^(\/lots\/)\d+(\/edit)?$/.test(urlToCheck) ||
/^(\/lotoccupancies\/)\d+(\/edit)?$/.test(urlToCheck) ||