Merge pull request #1525 from DuendeSoftware/anders/comment-update

Update misleading comment
DuendeSoftware · Mar 6, 2024 · d7e9a55 · d7e9a55
2 parents aff8930 + 42d6ae0
commit d7e9a55
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/hosts/AspNetIdentity/Pages/ExternalLogin/Challenge.cshtml.cs b/hosts/AspNetIdentity/Pages/ExternalLogin/Challenge.cshtml.cs
@@ -24,7 +24,7 @@ public IActionResult OnGet(string scheme, string? returnUrl)
     {
         if (string.IsNullOrEmpty(returnUrl)) returnUrl = "~/";
 
-        // validate returnUrl - either it is a valid OIDC URL or back to a local page
+        // Abort on incorrect returnUrl - it is neither a local url nor a valid OIDC url.
         if (Url.IsLocalUrl(returnUrl) == false && _interactionService.IsValidReturnUrl(returnUrl) == false)
         {
             // user might have clicked on a malicious link - should be logged

diff --git a/hosts/Configuration/Pages/ExternalLogin/Challenge.cshtml.cs b/hosts/Configuration/Pages/ExternalLogin/Challenge.cshtml.cs
@@ -24,7 +24,7 @@ public IActionResult OnGet(string scheme, string? returnUrl)
     {
         if (string.IsNullOrEmpty(returnUrl)) returnUrl = "~/";
 
-        // validate returnUrl - either it is a valid OIDC URL or back to a local page
+        // Abort on incorrect returnUrl - it is neither a local url nor a valid OIDC url.
         if (Url.IsLocalUrl(returnUrl) == false && _interactionService.IsValidReturnUrl(returnUrl) == false)
         {
             // user might have clicked on a malicious link - should be logged

diff --git a/hosts/EntityFramework/Pages/ExternalLogin/Challenge.cshtml.cs b/hosts/EntityFramework/Pages/ExternalLogin/Challenge.cshtml.cs
@@ -24,7 +24,7 @@ public IActionResult OnGet(string scheme, string? returnUrl)
     {
         if (string.IsNullOrEmpty(returnUrl)) returnUrl = "~/";
 
-        // validate returnUrl - either it is a valid OIDC URL or back to a local page
+        // Abort on incorrect returnUrl - it is neither a local url nor a valid OIDC url.
         if (Url.IsLocalUrl(returnUrl) == false && _interactionService.IsValidReturnUrl(returnUrl) == false)
         {
             // user might have clicked on a malicious link - should be logged

diff --git a/hosts/main/Pages/ExternalLogin/Challenge.cshtml.cs b/hosts/main/Pages/ExternalLogin/Challenge.cshtml.cs
@@ -24,7 +24,7 @@ public IActionResult OnGet(string scheme, string? returnUrl)
     {
         if (string.IsNullOrEmpty(returnUrl)) returnUrl = "~/";
 
-        // validate returnUrl - either it is a valid OIDC URL or back to a local page
+        // Abort on incorrect returnUrl - it is neither a local url nor a valid OIDC url.
         if (Url.IsLocalUrl(returnUrl) == false && _interactionService.IsValidReturnUrl(returnUrl) == false)
         {
             // user might have clicked on a malicious link - should be logged