From 80a98cf92d01ea9e7aa37a20194786669d145464 Mon Sep 17 00:00:00 2001
From: Fabian Jakobs
Date: Mon, 26 Oct 2015 15:38:37 +0000
Subject: [PATCH] use trusted redirect
---
 .../connect-architect/connect.redirect/redirect.js | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/node_modules/connect-architect/connect.redirect/redirect.js b/node_modules/connect-architect/connect.redirect/redirect.js
index 010e98e8..a733ac71 100644
--- a/node_modules/connect-architect/connect.redirect/redirect.js
+++ b/node_modules/connect-architect/connect.redirect/redirect.js
@@ -1,11 +1,23 @@
 "use strict";
+var url = require("url");
+
 module.exports = function(options, imports, register) {
+ var trustedHosts = options.trustedHosts || {};
+
 imports.connect.addResponseMethod("redirect", function(location) {
 this.writeHead(302, {Location: location});
 this.end("");
 });
+ imports.connect.addResponseMethod("secureRedirect", function(location) {
+ var parsedLocation = url.parse(location);
+ if (!(location.host in trustedHosts))
+ location = parsedLocation.path;
+
+ this.writeHead(302, {Location: location});
+ this.end("");
+ });
 imports.connect.addResponseMethod("returnTo", function(req, defaultReturn) {
 var url = defaultReturn || "/";
 if (req.session && req.session.returnTo) {
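Review bot: In `secureRedirect` the trust check reads `location.host`, but `location` is still the string argument, so the lookup key is `undefined` and every redirect, including one to a configured trusted host, is rewritten to its path; the check should use `parsedLocation.host`. Once that is fixed, `in` also matches keys inherited from `Object.prototype`, so `trustedHosts` needs an own-property test instead. The fallback `parsedLocation.path` can itself begin with `//`, which browsers resolve as a host, so it should be normalised to a single leading slash, with a default for a null path. The `returnTo` body and the end of `module.exports` lie outside this hunk, so how callers feed `secureRedirect` cannot be confirmed from here. A sketch of the guarded method follows.

```javascript
imports.connect.addResponseMethod("secureRedirect", function(location) {
    // slashesDenoteHost = true, so "//host/path" is parsed as a host rather than a path
    var parsedLocation = url.parse(location, false, true);
    var host = parsedLocation.host;
    var trusted = !!host && Object.prototype.hasOwnProperty.call(trustedHosts, host);
    if (!trusted) {
        // keep only a local path; collapse leading slashes and backslashes so the
        // value cannot be read by the browser as a protocol-relative URL
        location = "/" + (parsedLocation.path || "").replace(/^[\/\\]+/, "");
    }
    // … unchanged: writeHead(302, {Location: location}) and end("") …
});
```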