[Catalyst] Trusting $c->req->uri after login
Gavin Henry
gavin.henry at gmail.com
Mon Sep 18 10:50:36 GMT 2017
Nevermind, I'd already done thought about this. Please ignore:
if ( !$c->user_exists ) {
$c->log->debug('***User not found, forwarding to /login')
if $c->debug();
# $c->uri_for will return the URL for the current action namespace,
# so, if you request /customers/faxes, we'll get /customers/faxes
# that way we don't trust $c->req->uri, even though looking at the code
# Catalyst it's OK
$c->log->debug( 'Saving previous URI: ' . $c->uri_for() )
if $c->debug();
$c->flash->{redirect_after_login} = $c->uri_for();
$c->response->redirect( $c->uri_for('/login') );
$c->detach();
}
More information about the Catalyst
mailing list