From afff91e0f378e27df417c3b5a3b9e9da5254c0e7 Mon Sep 17 00:00:00 2001 From: Ike <137194738+ike-kottlowski@users.noreply.github.com> Date: Thu, 19 Sep 2024 11:32:42 -0400 Subject: [PATCH] added duofederal.com to valid urls (#11137) --- apps/web/src/connectors/duo-redirect.ts | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/apps/web/src/connectors/duo-redirect.ts b/apps/web/src/connectors/duo-redirect.ts index 8455125861..ddbf75e53c 100644 --- a/apps/web/src/connectors/duo-redirect.ts +++ b/apps/web/src/connectors/duo-redirect.ts @@ -52,7 +52,11 @@ window.addEventListener("load", async () => { function redirectToDuoFrameless(redirectUrl: string) { const validateUrl = new URL(redirectUrl); - if (validateUrl.protocol !== "https:" || !validateUrl.hostname.endsWith("duosecurity.com")) { + if ( + validateUrl.protocol !== "https:" || + !validateUrl.hostname.endsWith("duosecurity.com") || + !validateUrl.hostname.endsWith("duofederal.com") + ) { throw new Error("Invalid redirect URL"); }