UNPKG

@kentcdodds/tmp-remix-utils

Version:

This package contains simple utility functions to use with [Remix.run](https://remix.run).

github.com/sergiodxa/remix-utils

sergiodxa/remix-utils

24 lines (23 loc) 699 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
const DEFAULT_REDIRECT = "/"; /** * This should be used any time the redirect path is user-provided * (Like the query string on our login/signup pages). This avoids * open-redirect vulnerabilities. * @param {string} to The redirect destination * @param {string} defaultRedirect The redirect to use if the to is unsafe. * @license MIT * @author https://github.com/jacob-ebey */ export function safeRedirect(to, defaultRedirect = DEFAULT_REDIRECT) { if (!to || typeof to !== "string") return defaultRedirect; to = to.trim(); if ( !to.startsWith("/") || to.startsWith("//") || to.startsWith("/\\") || to.includes("..") ) { return defaultRedirect; } return to; }