Skip to content

Fix link/origin referrer and login redirect#36279

Merged
wxiaoguang merged 3 commits into
go-gitea:mainfrom
wxiaoguang:fix-referer-redirect
Jan 3, 2026
Merged

Fix link/origin referrer and login redirect#36279
wxiaoguang merged 3 commits into
go-gitea:mainfrom
wxiaoguang:fix-referer-redirect

Conversation

@wxiaoguang
Copy link
Copy Markdown
Contributor

@wxiaoguang wxiaoguang commented Jan 2, 2026
edited
Loading

Fix #35998

  1. Fix <a rel> :
    • "_blank" already means "noopener"
    • "noreferrer" is already provided by page's <meta name="referrer">
  2. Fix "redirect_to" mechisam
    • Use "referer" header to determine the redirect link for a successful login
  3. Simplify code and merge duplicate logic

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Jan 2, 2026
@wxiaoguang wxiaoguang mentioned this pull request Jan 2, 2026
Closed
@wxiaoguang wxiaoguang force-pushed the fix-referer-redirect branch 2 times, most recently from 943b00e to 997913c Compare January 2, 2026 07:09
@wxiaoguang wxiaoguang force-pushed the fix-referer-redirect branch from 997913c to 5f4349b Compare January 2, 2026 07:55
@wxiaoguang wxiaoguang added this to the 1.26.0 milestone Jan 2, 2026
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Jan 2, 2026
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jan 2, 2026
@wxiaoguang wxiaoguang merged commit b79dbfa into go-gitea:main Jan 3, 2026
24 checks passed
@wxiaoguang wxiaoguang deleted the fix-referer-redirect branch January 3, 2026 03:43
zjjhot added a commit to zjjhot/gitea that referenced this pull request Jan 5, 2026
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
d228c9a 
* giteaofficial/main:
  Move assign project when creating pull request to the same database transaction (go-gitea#36244)
  [skip ci] Updated translations via Crowdin
  Fix stats bug when syncing release (go-gitea#36285)
  Fix link/origin referrer and login redirect (go-gitea#36279)
  Always honor user's choice for "delete branch after merge" (go-gitea#36281)
  refactor(pprof): use explicit mux instead of DefaultServeMux (go-gitea#36276)
  improve the compare page (go-gitea#36261)
  mailer: pass request context to generateAdditionalHeadersForIssue (go-gitea#36274)
  feat(debian): use explicit, stronger defaults for newly generated repo signing keys (go-gitea#36236)
  Make "commit statuses" API accept slashes in "ref" (go-gitea#36264)

# Conflicts:
#	templates/base/footer_content.tmpl
#	templates/base/head_navbar.tmpl
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Apr 3, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@lunny lunny lunny approved these changes

@Zettat123 Zettat123 Zettat123 approved these changes

Assignees

No one assigned

Labels

lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. type/bug

Projects

None yet

Milestone

1.26.0

Development

Successfully merging this pull request may close these issues.

Edit/Delete links on a file don't use redirect_to in login request

4 participants

@wxiaoguang @lunny @Zettat123 @GiteaBot