fix: sendCasAuthenticationResponseErr when pgtUrlObj if not valid url (#2287)

* fix: sendCasAuthenticationResponseErr when pgtUrlObj if not valid url check pgtUrlObj.Scheme first will cause panic if url.Parse returns error. * Update cas.go --------- Co-authored-by: hsluoyz <hsluoyz@qq.com>
2025-05-22 18:25:47 +08:00 · 2023-09-01 22:26:57 +08:00 · 2023-09-01 22:26:57 +08:00 · 0c5c308071
commit 0c5c308071
parent 0b859197da
1 changed files with 6 additions and 4 deletions
--- a/controllers/cas.go
+++ b/controllers/cas.go
@ -121,15 +121,17 @@ func (c *RootController) CasP3ProxyValidate() {
 		pgtiou := serviceResponse.Success.ProxyGrantingTicket
 		// todo: check whether it is https
 		pgtUrlObj, err := url.Parse(pgtUrl)
+		if err != nil {
+			c.sendCasAuthenticationResponseErr(InvalidProxyCallback, err.Error(), format)
+			return
+		}
+
 		if pgtUrlObj.Scheme != "https" {
 			c.sendCasAuthenticationResponseErr(InvalidProxyCallback, "callback is not https", format)
 			return
 		}
+
 		// make a request to pgturl passing pgt and pgtiou
-		if err != nil {
-			c.sendCasAuthenticationResponseErr(InternalError, err.Error(), format)
-			return
-		}
 		param := pgtUrlObj.Query()
 		param.Add("pgtId", pgt)
 		param.Add("pgtIou", pgtiou)