By: Michael Lynch <git@mtlynch.io>
Reject unsafe login redirect targets

Validate the next path without sanitizing caller input, so malformed URLs and paths without a leading slash fail instead of falling back to the home page.

Add table-driven login coverage for protocol-relative URLs, external HTTP and HTTPS URLs, malformed URLs, non-HTTP absolute URLs, and valid app-relative paths.
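A sketch of the validate-don't-sanitize check this commit message describes, as an added example that is not the commit's own code. It assumes Go and the standard `net/url` package; `ValidateNextPath`, `ErrUnsafeRedirect` and the sample inputs are hypothetical names and constructed values.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// ErrUnsafeRedirect (hypothetical) marks any target that is not an app-relative path.
var ErrUnsafeRedirect = errors.New("unsafe redirect target")

// ValidateNextPath (hypothetical name) returns next unchanged when it is a
// well-formed app-relative path and an error otherwise. It never rewrites
// the input, so the caller sees the rejection instead of a silent fallback.
func ValidateNextPath(next string) (string, error) {
	// Require one leading slash; "//host" is a protocol-relative URL.
	if !strings.HasPrefix(next, "/") || strings.HasPrefix(next, "//") {
		return "", ErrUnsafeRedirect
	}
	// Extra check beyond the commit's list: browsers treat a backslash as a
	// slash in http(s) URLs, so "/\host" behaves like "//host".
	if strings.Contains(next, `\`) {
		return "", ErrUnsafeRedirect
	}
	// url.Parse rejects malformed percent-escapes and ASCII control characters.
	u, err := url.Parse(next)
	if err != nil {
		return "", fmt.Errorf("%w: %v", ErrUnsafeRedirect, err)
	}
	if u.Scheme != "" || u.Host != "" || u.User != nil {
		return "", ErrUnsafeRedirect
	}
	return next, nil
}

func main() {
	// Constructed sample inputs covering the cases the commit message lists.
	for _, next := range []string{
		"/dashboard", "/entries/42?tab=notes", "//other.example/x",
		"http://other.example/", "https://other.example/", "ftp://other.example/f",
		"/%zz", "dashboard", "",
	} {
		_, err := ValidateNextPath(next)
		fmt.Printf("%-26q allowed=%v\n", next, err == nil)
	}
}
```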