-
Notifications
You must be signed in to change notification settings - Fork 969
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: return_to url in registration flow not respected when user is already registered (Fix for: #2420) #2957
fix: return_to url in registration flow not respected when user is already registered (Fix for: #2420) #2957
Conversation
…in the registration flow.
Codecov Report
@@ Coverage Diff @@
## master #2957 +/- ##
==========================================
+ Coverage 76.16% 76.30% +0.13%
==========================================
Files 309 309
Lines 19046 19039 -7
==========================================
+ Hits 14507 14528 +21
+ Misses 3414 3390 -24
+ Partials 1125 1121 -4
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice 👍
Thank you very much 🎉
Hello @supercairos |
…user is already registered (ory#2957)
This commit fix kratos to properly follow the return_to query params in the registration flow if the user is already logged-in
This fix follows the same logic as in other flow as it can be seen in the login flow for exemple:
kratos/selfservice/flow/login/handler.go
Lines 423 to 430 in 11f9d30
Related issue(s)
#2805
#2420
Reproducing issue(s)
On the 0.11.0:
return_to
url to your config inselfservice.allowed_return_urls
http://127.0.0.1:4433/self-service/registration/browser?return_to=https://perdu.com
You should be redirected to
perdu.com
(if perdu.com was in yourallowed_return_urls
)Notice that you're only redirected to the value you've setup in
selfservice.default_browser_return_url
Checklist
introduces a new feature.
contributing code guidelines.
vulnerability. If this pull request addresses a security vulnerability, I
confirm that I got the approval (please contact
security@ory.sh) from the maintainers to push
the changes.
works.