TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 11:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: allow native applications to use https:// on loopback redirect addresses (#9073)

Browse Source 
# Which Problems Are Solved

- The current validation for native redirect URIs does not allow HTTPS
loopback addresses.

# How the Problems Are Solved

- Enhanced the validation logic to permit HTTPS loopback addresses,
ensuring that developers can use these addresses without encountering
validation errors.
- Updated zitadel/oidc to latest version

# Additional Context

- Closes #4091
- This pr need to be closed first in our OIDC lib:
https://github.com/zitadel/oidc/pull/691

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>

(cherry picked from commit 8b1b9cbb98)
This commit is contained in:
Ramon
2025-03-21 14:55:16 +01:00
committed by Livio Spring
parent 113a4ed817
commit d869e21939
3 changed files with 41 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
console/src/app/pipes/redirect-pipe/redirect.pipe.ts
View File

@@ -11,7 +11,12 @@ export class RedirectPipe implements PipeTransform {
uri.startsWith('http://localhost:') ||
uri.startsWith('http://127.0.0.1') ||
uri.startsWith('http://[::1]') ||
uri.startsWith('http://[0:0:0:0:0:0:0:1]')
uri.startsWith('http://[0:0:0:0:0:0:0:1]') ||
uri.startsWith('https://localhost/') ||
uri.startsWith('https://localhost:') ||
uri.startsWith('https://127.0.0.1') ||
uri.startsWith('https://[::1]') ||
uri.startsWith('https://[0:0:0:0:0:0:0:1]')
) {
return true;
}