Perform basic checks on RedirectURL

git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@967 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4

1 files changed, 7 insertions, 2 deletions

diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java
index 615fcc9d..18e38752 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/HTTPBindingProcessorImpl.java
@@ -437,7 +437,7 @@ public class HTTPBindingProcessorImpl extends AbstractBindingProcessor implement
 				} else {
 					log.info("Content type not set in dataurl response.");
 					closeDataUrlConnection();
-                    throw new SLBindingException(2007);
+					throw new SLBindingException(2007);
 				}
 
 				break;
@@ -608,7 +608,12 @@ public class HTTPBindingProcessorImpl extends AbstractBindingProcessor implement
 	 * @return null if redirect url is not set.
 	 */
 	public String getRedirectURL() {
-		return getFormParameterAsString(FixedFormParameters.REDIRECTURL);
+		String redirectURL = getFormParameterAsString(FixedFormParameters.REDIRECTURL);
+		log.debug("Evaluating redirectURL: " + redirectURL);
+		if (redirectURL == null || redirectURL.isEmpty() || redirectURL.contains("\r") || redirectURL.contains("\n") ||
+				redirectURL.contains("<") || redirectURL.toLowerCase().contains("javascript:"))
+			return null;
+		return redirectURL;
 	}
 
 	public String getFormDataContentType(String aParameterName) {