From 753bb46f20c0c82c9361a23d2b480f0fa66fc377 Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Fri, 2 May 2014 19:42:01 -0400
Subject: [PATCH] Use flask_openid safe_roots to mitigate Covert Redirect.

---
 frontend/coprs_frontend/coprs/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/coprs_frontend/coprs/__init__.py b/frontend/coprs_frontend/coprs/__init__.py
index d69a635..b057f26 100644
--- a/frontend/coprs_frontend/coprs/__init__.py
+++ b/frontend/coprs_frontend/coprs/__init__.py
@@ -21,7 +21,7 @@ else:
     app.config.from_pyfile("/etc/copr/copr.conf", silent=True)
 
 
-oid = OpenID(app, app.config["OPENID_STORE"])
+oid = OpenID(app, app.config["OPENID_STORE"], safe_roots=[])
 db = SQLAlchemy(app)
 whooshee = Whooshee(app)
 
-- 
1.9.0