whs-authz-authn/caido-plugin-test
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[Update] oauth 탐지 로직 정교화

Browse source
This commit is contained in:
tv0924@icloud.com 2025-06-02 10:56:42 +09:00
commit 1c57ad1a39
1 changed files with 7 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

14
packages/backend/src/controller/csrfCheck.ts
View file

@ -7,13 +7,13 @@ const httpUtils = new HttpUtils();
export class CsrfCheck {
private isTargetUri(uri: string): boolean {
if (
httpUtils.getQueryParamFromURI(uri, "client_id") &&
(httpUtils.getQueryParamFromURI(uri, "response_type") ||
httpUtils.getQueryParamFromURI(uri, "grant_type") ||
httpUtils.getQueryParamFromURI(uri, "redirect_uri") ||
httpUtils.getQueryParamFromURI(uri, "scope") ||
httpUtils.getQueryParamFromURI(uri, "state") ||
httpUtils.getQueryParamFromURI(uri, "nonce"))
httpUtils.getQueryParamFromURI(uri, "client_id") !== null &&
(httpUtils.getQueryParamFromURI(uri, "response_type") !== null ||
httpUtils.getQueryParamFromURI(uri, "grant_type") !== null ||
httpUtils.getQueryParamFromURI(uri, "redirect_uri") !== null ||
httpUtils.getQueryParamFromURI(uri, "scope") !== null ||
httpUtils.getQueryParamFromURI(uri, "state") !== null ||
httpUtils.getQueryParamFromURI(uri, "nonce") !== null)
) {
return true;
}