From 1ff5c35de5dbd70a782875a91dd2232fd01b002b Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 28 Apr 2024 14:38:04 +0200
Subject: Adding upstream version 0.10.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 vendor/ipl/web/src/Common/RedirectOption.php | 41 ++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 vendor/ipl/web/src/Common/RedirectOption.php

(limited to 'vendor/ipl/web/src/Common/RedirectOption.php')

diff --git a/vendor/ipl/web/src/Common/RedirectOption.php b/vendor/ipl/web/src/Common/RedirectOption.php
new file mode 100644
index 0000000..0d73ef8
--- /dev/null
+++ b/vendor/ipl/web/src/Common/RedirectOption.php
@@ -0,0 +1,41 @@
+<?php
+
+namespace ipl\Web\Common;
+
+use ipl\Html\Contract\FormElement;
+use ipl\Html\Form;
+use LogicException;
+
+trait RedirectOption
+{
+    /**
+     * Create a form element to retrieve the redirect target upon form submit
+     *
+     * @return FormElement
+     */
+    protected function createRedirectOption()
+    {
+        /** @var Form $this */
+        return $this->createElement('hidden', 'redirect');
+    }
+
+    /**
+     * @see Form::getRedirectUrl()
+     */
+    public function getRedirectUrl()
+    {
+        /** @var Form $this */
+        $redirectOption = $this->getValue('redirect');
+        if (! $redirectOption) {
+            return parent::getRedirectUrl();
+        }
+
+        if (! $this->hasElement('CSRFToken') || ! $this->getElement('CSRFToken')->isValid()) {
+            throw new LogicException(
+                'It is not safe to accept redirect targets from submit values without CSRF protection'
+            );
+        }
+
+        return $redirectOption;
+    }
+}
-- 
cgit v1.2.3