diff options
Diffstat (limited to 'application/front/controller/visitor')
-rw-r--r-- | application/front/controller/visitor/ShaarliVisitorController.php | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/application/front/controller/visitor/ShaarliVisitorController.php b/application/front/controller/visitor/ShaarliVisitorController.php index cd27455b..55c075a2 100644 --- a/application/front/controller/visitor/ShaarliVisitorController.php +++ b/application/front/controller/visitor/ShaarliVisitorController.php | |||
@@ -142,6 +142,13 @@ abstract class ShaarliVisitorController | |||
142 | 142 | ||
143 | if (null !== $referer) { | 143 | if (null !== $referer) { |
144 | $currentUrl = parse_url($referer); | 144 | $currentUrl = parse_url($referer); |
145 | // If the referer is not related to Shaarli instance, redirect to default | ||
146 | if (isset($currentUrl['host']) | ||
147 | && strpos(index_url($this->container->environment), $currentUrl['host']) === false | ||
148 | ) { | ||
149 | return $response->withRedirect($defaultPath); | ||
150 | } | ||
151 | |||
145 | parse_str($currentUrl['query'] ?? '', $params); | 152 | parse_str($currentUrl['query'] ?? '', $params); |
146 | $path = $currentUrl['path'] ?? $defaultPath; | 153 | $path = $currentUrl['path'] ?? $defaultPath; |
147 | } else { | 154 | } else { |