validate server path param for login redirect

WoWs-Builder-Team · Jul 16, 2023 · bd73f2e · bd73f2e · loris-s-sonarsource · Oct 24, 2024
1 parent 64c21f9
commit bd73f2e
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/WoWsShipBuilder.Web/Features/Authentication/AuthController.cs b/WoWsShipBuilder.Web/Features/Authentication/AuthController.cs
@@ -53,7 +53,7 @@ public Task<ActionResult> AuthenticationCanceled(string status, string message,
         return Task.FromResult<ActionResult>(Redirect("/"));
     }
 
-    [HttpGet("login/{server}")]
+    [HttpGet("login/{server:regex(^eu|asia|com$):required}")]
     public Task<ActionResult> Login(string server)
     {
         string baseUrl = $"{Request.Scheme}://{Request.Host}{Request.PathBase}";