Repository : http://git.fedorahosted.org/cgit/copr.git On branch : master commit c8ec08a8bc6b04cdc751420dcaa790319dbf260c Author: Ralph Bean <rbean(a)redhat.com&gt; Date: Fri May 2 19:42:01 2014 -0400 Use flask_openid safe_roots to mitigate Covert Redirect. frontend/coprs_frontend/coprs/__init__.py | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/frontend/coprs_frontend/coprs/__init__.py b/frontend/coprs_frontend/coprs/__init__.py index d69a635..b057f26 100644 --- a/frontend/coprs_frontend/coprs/__init__.py +++ b/frontend/coprs_frontend/coprs/__init__.py @@ -21,7 +21,7 @@ else: app.config.from_pyfile("/etc/copr/copr.conf", silent=True) -oid = OpenID(app, app.config["OPENID_STORE"]) +oid = OpenID(app, app.config["OPENID_STORE"], safe_roots=[]) db = SQLAlchemy(app) whooshee = Whooshee(app)