Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add redirect capabilities to Invest Controller #627

Merged
merged 8 commits into from
Dec 13, 2024
Merged

Add redirect capabilities to Invest Controller #627

merged 8 commits into from
Dec 13, 2024

Conversation

davidbeig
Copy link
Member

@davidbeig davidbeig commented Nov 26, 2024
edited
Loading

🎩 What? Why?

Please describe your pull request.

Allow the process of invest to return to an outside link.

Testing

Describe the best way to test or validate your PR.

Add the domain you want to be valid to your settings.yml under the 'url' field.

url:
    allowed_urls:
        - duckduckgo.net

Add a &redirect_to param to the query when accessing the invest landing of any project. Follow the donation flow and get redirected to that url. The host of that url has to match one of the domains configured in the settings, if it's not the redirect won't work.

♥️ Thank you!

@davidbeig davidbeig requested a review from subiabre November 26, 2024 14:04
@davidbeig davidbeig self-assigned this Nov 26, 2024
@davidbeig davidbeig changed the title feat/invest redirect to Add redirect capabilities to Invest Controller Nov 26, 2024
subiabre
subiabre previously approved these changes Nov 27, 2024
View reviewed changes
@davidbeig davidbeig marked this pull request as ready for review November 28, 2024 12:08
@davidbeig davidbeig requested a review from subiabre November 29, 2024 15:19
@davidbeig
Copy link
Member Author

davidbeig commented Dec 3, 2024
edited
Loading

There are some things missing in this PR.

  • Array map for the list of allowed domains.
  • Move the check of allowed domains before saving it to the session of the user.
  • Treat the url encode in the return_to param.

@davidbeig
Copy link
Member Author

@subiabre whenever you can, please

subiabre
subiabre reviewed Dec 4, 2024
View reviewed changes
src/Goteo/Controller/InvestController.php Outdated
$return_to = '';

if ($request->query->has('return_to')) {
$return_to = rawurldecode($request->query->get('return_to'));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not place the url decoding inside the isAllowedDomain static method? This way we can safely use the functionality without having to worry about the string we are passing to it.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch, thanks!

subiabre
subiabre approved these changes Dec 4, 2024
View reviewed changes
Copy link
Member

@subiabre subiabre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@subiabre subiabre merged commit 2245b92 into live Dec 13, 2024
3 checks passed
@subiabre subiabre deleted the feat/invest_redirect_to branch December 13, 2024 10:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@subiabre subiabre subiabre approved these changes

Assignees

@davidbeig davidbeig

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@davidbeig @subiabre