aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatarLarge Libravatar memdmp <memdmpestrogenzone>2025-09-21 01:56:36 +0200
committerLibravatarLarge Libravatar memdmp <memdmpestrogenzone>2025-09-21 01:56:36 +0200
commitbe7556d250738011701e1c177a052fd67e91fd82 (patch)
tree1a91b37614fbfa316c0746481dca8997f10457b2
parent6f718a7c8568716c64abd86a6913e88243849510 (diff)
downloadcrunched-be7556d250738011701e1c177a052fd67e91fd82.tar.gz
crunched-be7556d250738011701e1c177a052fd67e91fd82.tar.bz2
crunched-be7556d250738011701e1c177a052fd67e91fd82.tar.lz
crunched-be7556d250738011701e1c177a052fd67e91fd82.zip

fix: no blank next= infinite redirect, redir loop detections for missing scopes

Diffstat
-rw-r--r--src/routes/login/callback/ok/+page.svelte63
1 files changed, 58 insertions, 5 deletions
diff --git a/src/routes/login/callback/ok/+page.svelte b/src/routes/login/callback/ok/+page.svelte
index a71d962..75fb10c 100644
--- a/src/routes/login/callback/ok/+page.svelte
+++ b/src/routes/login/callback/ok/+page.svelte
@@ -1,13 +1,66 @@
<script lang="ts">
import { page } from '$app/state';
+ import { onDestroy, onMount } from 'svelte';
- let target = page.url.searchParams.get('next') ?? '/';
- if (new URL(target, page.url.href).host !== page.url.host) target = '/';
+ let _target = $derived(page.url.searchParams.get('next') || '/');
+ let target = $derived(
+ new URL(_target, page.url.href).host !== page.url.host ? '/' : _target
+ );
+ let loopDetected = $state(false);
+ let mounted = $state(false);
+ onMount(() => {
+ try {
+ if (
+ Number(
+ sessionStorage.getItem('lastLoginRedirect') ?? Date.now().toString()
+ ) +
+ 1000 >
+ Date.now() - 2500
+ ) {
+ if (sessionStorage.getItem('loopCheck')) {
+ loopDetected = true;
+ }
+ setTimeout(() => sessionStorage.setItem('loopCheck', '1'), 100);
+ } else {
+ sessionStorage.removeItem('loopCheck');
+ }
+ sessionStorage.setItem('lastLoginRedirect', Date.now().toString());
+ } catch (error) {
+ console.warn('Loop Detect Error:', error);
+ }
+ mounted = true;
+ });
+ onDestroy(() => (mounted = false));
</script>
<svelte:head>
- <meta http-equiv="refresh" content="0.1; url={target}" />
+ {#if !loopDetected}
+ <noscript>
+ <meta http-equiv="refresh" content="0.1; url={target}" />
+ </noscript>
+ {/if}
+ {#if mounted && !loopDetected}
+ <meta http-equiv="refresh" content="0.1; url={target}" />
+ {/if}
</svelte:head>
-<h2 class="text-xl">Redirecting...</h2>
-<p>If nothing happens, click <a href={target}>here</a>.</p>
+{#if loopDetected}
+ <h2 class="text-xl">Loop Detected</h2>
+ <p>
+ We detected a possible redirect loop and as such did not automatically
+ continue.
+ </p>
+ <p>
+ To continue anyway, click <a
+ href={target}
+ onclick={() => {
+ loopDetected = false;
+ sessionStorage.setItem('lastLoginRedirect', Date.now().toString());
+ sessionStorage.removeItem('loopCheck');
+ }}>here</a
+ >.
+ </p>
+{:else}
+ <h2 class="text-xl">Redirecting...</h2>
+ <p>If nothing happens, click <a href={target}>here</a>.</p>
+{/if}
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-10 21:15:52 +0000