🔒 Use sanitizeUrl on redirectPath auth param (#1389)

apps/builder/package.json

@@ -13,6 +13,7 @@
     "format:check": "prettier --check ./src"
   },
   "dependencies": {
+    "@braintree/sanitize-url": "7.0.1",
     "@chakra-ui/anatomy": "2.1.1",
     "@chakra-ui/react": "2.7.1",
     "@chakra-ui/theme-tools": "2.0.18",

apps/builder/src/features/auth/components/SignInForm.tsx

@@ -28,10 +28,12 @@ import { useToast } from '@/hooks/useToast'
 import { TextLink } from '@/components/TextLink'
 import { SignInError } from './SignInError'
 import { useTranslate } from '@tolgee/react'
+import { sanitizeUrl } from '@braintree/sanitize-url'
 
 type Props = {
   defaultEmail?: string
 }
+
 export const SignInForm = ({
   defaultEmail,
 }: Props & HTMLChakraProps<'form'>) => {
@@ -55,7 +57,8 @@ export const SignInForm = ({
 
   useEffect(() => {
     if (status === 'authenticated') {
-      router.replace(router.query.redirectPath?.toString() ?? '/typebots')
+      const redirectPath = router.query.redirectPath?.toString()
+      router.replace(redirectPath ? sanitizeUrl(redirectPath) : '/typebots')
       return
     }
     ;(async () => {

pnpm-lock.yaml

@@ -29,6 +29,9 @@ importers:
 
   apps/builder:
     dependencies:
+      '@braintree/sanitize-url':
+        specifier: 7.0.1
+        version: 7.0.1
       '@chakra-ui/anatomy':
         specifier: 2.1.1
         version: 2.1.1
@@ -3334,6 +3337,10 @@ packages:
     resolution: {integrity: sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==}
     dev: true
 
+  /@braintree/sanitize-url@7.0.1:
+    resolution: {integrity: sha512-URg8UM6lfC9ZYqFipItRSxYJdgpU5d2Z4KnjsJ+rj6tgAmGme7E+PQNCiud8g0HDaZKMovu2qjfa0f5Ge0Vlsg==}
+    dev: false
+
   /@chakra-ui/accordion@2.2.0(@chakra-ui/system@2.5.8)(framer-motion@10.12.20)(react@18.2.0):
     resolution: {integrity: sha512-2IK1iLzTZ22u8GKPPPn65mqJdZidn4AvkgAbv17ISdKA07VHJ8jSd4QF1T5iCXjKfZ0XaXozmhP4kDhjwF2IbQ==}
     peerDependencies: