From b05917d384751f488a3c905bfd144135ffa69267 Mon Sep 17 00:00:00 2001
From: Dries Vints
Date: Mon, 24 Aug 2020 11:59:45 +0200
Subject: [PATCH 1/2] Fail url checking when url is invalid
---
 src/Http/Middleware/VerifyRedirectUrl.php | 3 ++-
 tests/Unit/VerifyRedirectUrlTest.php | 12 ++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/src/Http/Middleware/VerifyRedirectUrl.php b/src/Http/Middleware/VerifyRedirectUrl.php
index 3dd6cc9f..3cabc4e5 100644
--- a/src/Http/Middleware/VerifyRedirectUrl.php
+++ b/src/Http/Middleware/VerifyRedirectUrl.php
@@ -19,8 +19,9 @@ class VerifyRedirectUrl
 public function handle($request, Closure $next)
 {
 $redirect = $request->get('redirect');
+ $url = parse_url($redirect);
- if ($redirect && parse_url($redirect)['host'] !== $request->getHost()) {
+ if ($redirect && (! isset($url['host']) || $url['host'] !== $request->getHost())) {
 throw new AccessDeniedHttpException('Redirect host mismatch.');
 }
diff --git a/tests/Unit/VerifyRedirectUrlTest.php b/tests/Unit/VerifyRedirectUrlTest.php
index 77524ae7..a7a953f7 100644
--- a/tests/Unit/VerifyRedirectUrlTest.php
+++ b/tests/Unit/VerifyRedirectUrlTest.php
@@ -33,6 +33,18 @@ public function test_it_fails_on_host_mismatch()
 });
 }
+ public function test_it_fails_when_the_url_is_invalid()
+ {
+ $request = Request::create('http://baz.com/stripe/payment', 'GET', ['redirect' => 'foo/bar']);
+ $middleware = new VerifyRedirectUrl;
+ $this->expectException(AccessDeniedHttpException::class);
+ $middleware->handle($request, function () {
+ //
+ });
+ }
 public function test_it_is_skipped_when_no_redirect_is_present()
 {
 $request = Request::create('http://baz.com/stripe/payment', 'GET');
From c2aac876b165cc05d11d81be3755c5755a82d4ae Mon Sep 17 00:00:00 2001
From: Taylor Otwell
Date: Mon, 24 Aug 2020 08:16:13 -0500
Subject: [PATCH 2/2] Update VerifyRedirectUrl.php
---
 src/Http/Middleware/VerifyRedirectUrl.php | 1 +
 1 file changed, 1 insertion(+)
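Review bot: The rewritten `+ if` line in the VerifyRedirectUrl.php hunk now denies every redirect for which `parse_url()` yields no host — ordinary relative paths such as `foo/bar` as well as the `false` it returns for unparsable input — which is the safe choice, but nothing in the hunk records that it is deliberate, so a later maintainer may "fix" it by letting host-less paths through. A comment above the check would pin it down: `// Redirects without a parsable host (relative paths, malformed URLs) are denied too: parse_url() does not model how a browser resolves such strings, so only an explicit host equal to this request's host is trusted.` The added `$url = parse_url($redirect);` also runs before `$redirect` is known to be non-empty; keeping it under the guard, e.g. `$url = $redirect ? parse_url($redirect) : false;`, avoids calling it with `null`. The host comparison is case-sensitive, so `BAZ.com` is refused against a request host of `baz.com` — a false rejection rather than a bypass, but worth normalising both sides with `strtolower()` if mixed-case hosts occur. `handle()` continues past the end of the hunk.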
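Review bot: The new test in the VerifyRedirectUrlTest.php hunk exercises only the relative-path branch of the new guard; the other input it now handles, a string for which `parse_url()` returns `false` outright, has no coverage, so a regression back to indexing `$url['host']` directly would go unnoticed. A sibling test identical to this one but with `['redirect' => 'http:///foo']` (a URL `parse_url()` rejects) would close that gap. The test also asserts only the exception class; adding `$this->expectExceptionMessage('Redirect host mismatch.');` would tie the failure to this middleware rather than to any other `AccessDeniedHttpException` raised in the stack.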
diff --git a/src/Http/Middleware/VerifyRedirectUrl.php b/src/Http/Middleware/VerifyRedirectUrl.php
index 3cabc4e5..23cf6312 100644
--- a/src/Http/Middleware/VerifyRedirectUrl.php
+++ b/src/Http/Middleware/VerifyRedirectUrl.php
@@ -19,6 +19,7 @@ class VerifyRedirectUrl
 public function handle($request, Closure $next)
 {
 $redirect = $request->get('redirect');
+
 $url = parse_url($redirect);
 if ($redirect && (! isset($url['host']) || $url['host'] !== $request->getHost())) {