ee5221ac43d6831f3cdc0ed6426eea98d12916f9 chmalee Tue Oct 14 12:33:04 2025 -0700 New hg.conf option 'login.approvedReturn' that hgLogin uses to check the validity of the returnto argument set by hgSession to prevent credential stealing. When this setting is not present the default behavior of accepting any URL in the returnto argument is active. refs #36485
diff --git src/hg/hgLogin/hgLogin.h src/hg/hgLogin/hgLogin.h
index 341cfadc73e..63d522f2ea0 100644
--- src/hg/hgLogin/hgLogin.h
+++ src/hg/hgLogin/hgLogin.h
@@ -1,26 +1,27 @@
 /* hgLogin.h */
 /* Copyright (C) 2013 The Regents of the University of California
 * See kent/LICENSE or http://genome.ucsc.edu/license/ for licensing information. */
 #ifndef hgLogin_H
 #define hgLogin_H
 /* ---- global variables ---- */
 #define TITLE "UCSC Genome Browser Login v"CGI_VERSION
 /* ---- hg.conf parameters used by hgLogin ---- */
 #define CFG_LOGIN_BROWSER_NAME "login.browserName"
 #define CFG_LOGIN_BROWSER_ADDR "login.browserAddr"
 #define CFG_LOGIN_MAIL_SIGNATURE "login.mailSignature"
 #define CFG_LOGIN_MAIL_RETURN_ADDR "login.mailReturnAddr"
 #define CFG_COOKIIENAME_USERNAME "wiki.userNameCookie"
 #define CFG_COOKIIENAME_USERID "wiki.loggedInCookie"
+#define CFG_APPROVED_HOSTS "login.approvedReturn"
 #endif /* hgLogin_H */
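Review bot: The new `CFG_APPROVED_HOSTS` define carries none of the contract that makes this setting security-relevant, and a reader of the header cannot tell what the value is matched against or that the check is skipped when the key is absent. The commit message says the setting exists to validate hgSession's returnto argument and that an unset key falls back to accepting any URL, so that fail-open default belongs next to the macro: `/* Values the returnto argument may redirect to; when this key is absent from hg.conf, any returnto URL is accepted. See hgLogin.c for the format. */` (the value format itself is not visible in this hunk and should be stated by whoever owns the check). As a point of style, the macro name does not follow the `CFG_LOGIN_*` prefix the neighbouring login.* keys use and says "hosts" while the key says "return"; `CFG_LOGIN_APPROVED_RETURN` would match both conventions, though renaming needs the matching update in hgLogin.c, which is outside this diff.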