diff --git a/plugins/Login/Controller.php b/plugins/Login/Controller.php
index 1f2fa7d68dc..18c66c62e1d 100644
--- a/plugins/Login/Controller.php
+++ b/plugins/Login/Controller.php
@@ -21,6 +21,7 @@ use Piwik\QuickForm2;
 use Piwik\Session;
 use Piwik\Url;
+use Piwik\UrlHelper;
 use Piwik\View;
 /**
@@ -126,7 +127,6 @@ function index()
 function login($messageNoAccess = null, $infoMessage = false)
 {
 $form = new FormLogin();
-        $form->removeAttribute('action'); // remove action attribute, otherwise hash part will be lost
 if ($form->validate()) {
 $nonce = $form->getSubmitValue('form_nonce');
 if (Nonce::verifyNonce('Login.login', $nonce)) {
@@ -303,14 +303,19 @@ protected function authenticateAndRedirect($login, $password, $urlToRedirect = f
 $this->passwordResetter->removePasswordResetInfo($login);
 if (empty($urlToRedirect)) {
-            $referrer = Url::getReferrer();
-            $module = Common::getRequestVar('module', '', 'string');
+            $redirect = Common::unsanitizeInputValue(Common::getRequestVar('form_redirect', false));
+            $redirectParams = UrlHelper::getArrayFromQueryString(UrlHelper::getQueryFromUrl($redirect));
+            $module = Common::getRequestVar('module', '', 'string', $redirectParams);
 // when module is login, we redirect to home...
-            if ($module !== 'Login' && $module !== Piwik::getLoginPluginName() && $referrer) {
-                $host = Url::getHostFromUrl($referrer);
+            if (!empty($module) && $module !== 'Login' && $module !== Piwik::getLoginPluginName() && $redirect) {
+                $host = Url::getHostFromUrl($redirect);
+                $currentHost = Url::getHost();
+                $currentHost = explode(':', $currentHost, 2)[0];
+
 // we only redirect to a trusted host
-                if ($host && Url::isValidHost($host)) {
-                    $urlToRedirect = $referrer;
+                if (!empty($host) && !empty($currentHost) && $host == $currentHost && Url::isValidHost($host)
+                ) {
+                    $urlToRedirect = $redirect;
 }
 }
 }
diff --git a/plugins/Login/FormLogin.php b/plugins/Login/FormLogin.php
index 16213ab56bc..934c12952ce 100644
--- a/plugins/Login/FormLogin.php
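Review bot: The trusted-host condition `if (!empty($host) && !empty($currentHost) && $host == $currentHost && Url::isValidHost($host)` compares a client-supplied host with loose `==` and never looks at the scheme of `$redirect`, which is posted by the browser and only unsanitized here, so the check is exactly as strong as the host parsing behind `Url::getHostFromUrl()`. Hostnames are case-insensitive, so a strict but case-folded comparison, `strtolower($host) === strtolower($currentHost)`, keeps the check from depending on PHP's loose comparison, and adding `in_array(strtolower((string) parse_url($redirect, PHP_URL_SCHEME)), ['http', 'https'], true)` as a further conjunct rejects non-web schemes before a browser ever sees them. If `Url::getHostFromUrl()` is `parse_url()`-based (not visible in this hunk), a comment that browsers and `parse_url()` can disagree on userinfo and backslash forms, and that the comparison must therefore stay an exact match rather than a suffix or substring test, would protect the check from future loosening. `authenticateAndRedirect()` starts before and continues after this hunk.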
+++ b/plugins/Login/FormLogin.php
@@ -19,6 +19,7 @@ class FormLogin extends QuickForm2
 {
 function __construct($id = 'login_form', $method = 'post', $attributes = null, $trackSubmit = false)
 {
+        $attributes = array_merge($attributes ?: [], [ 'action' => '?module=' . Piwik::getLoginPluginName() ]);
 parent::__construct($id, $method, $attributes, $trackSubmit);
 }
@@ -30,6 +31,8 @@ function init()
 $this->addElement('password', 'form_password')
 ->addRule('required', Piwik::translate('General_Required', Piwik::translate('General_Password')));
+        $this->addElement('hidden', 'form_redirect');
+
 $this->addElement('hidden', 'form_nonce');
 $this->addElement('checkbox', 'form_rememberme');
diff --git a/plugins/Login/javascripts/login.js b/plugins/Login/javascripts/login.js
index 981f02b6432..a2d5c2f482d 100644
--- a/plugins/Login/javascripts/login.js
+++ b/plugins/Login/javascripts/login.js
@@ -39,6 +39,9 @@
 });
 };
+    // set login form redirect url
+    $('#login_form_redirect').val(window.location.href);
+
 // 'lost your password?' on click
 $('#login_form_nav').click(function (e) {
 e.preventDefault();
diff --git a/plugins/Login/templates/login.twig b/plugins/Login/templates/login.twig
index 875d5e6818f..a3bf51fd469 100644
--- a/plugins/Login/templates/login.twig
+++ b/plugins/Login/templates/login.twig
@@ -35,6 +35,7 @@
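Review bot: The added `$attributes = array_merge($attributes ?: [], [ 'action' => ... ]);` in `__construct` lets the forced `action` silently win over any `action` a caller passes in `$attributes`, and on PHP 8 it throws a `TypeError` if `$attributes` arrives as a string, which the `$attributes = null` signature does not rule out. Guarding with `is_array($attributes) ? $attributes : []` and recording the intent in a comment such as `// force a fixed post target; the page the user came from travels in form_redirect, not in the form action` would make the override explicit to the next maintainer. The constructor closes inside this hunk, but the rest of the class lies outside it.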