From 1b4233ba0dcb245f8905021b5c6f5ba08b0893ff Mon Sep 17 00:00:00 2001
From: Ilia Rostovtsev
Date: Thu, 18 Jan 2018 18:12:32 +0300
Subject: [PATCH] Harden checks for redirect and keeping URI

---
 web-lib-funcs.pl | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/web-lib-funcs.pl b/web-lib-funcs.pl
index 097ea38ed..c867e8df7 100755
--- a/web-lib-funcs.pl
+++ b/web-lib-funcs.pl
@@ -4788,10 +4788,13 @@ else {
 $trust = 0;
 }
 # Check for trigger URL to simply redirect to root: required for Authentic Theme 19.00+
-if ($ENV{'REQUEST_URI'} =~ /xnavigation=1/) {
+if ($ENV{'HTTP_X_REQUESTED_WITH'} ne "XMLHttpRequest" &&
+ $ENV{'REQUEST_URI'} !~ /xhr/ &&
+ $ENV{'REQUEST_URI'} !~ /pjax/ &&
+ $ENV{'REQUEST_URI'} =~ /xnavigation=1/) {
 # Store requested URI if safe
 if ($trust || !$referer_site) {
- if ($ENV{'REQUEST_URI'} !~ /xhr/ && $ENV{'REQUEST_URI'} !~ /pjax/ && $main::session_id && $remote_user) {
+ if ($main::session_id && $remote_user) {
 my $xnav = "xnavigation=1";
 my $url = "$gconfig{'webprefix'}$ENV{'REQUEST_URI'}";
 $url =~ s/[?|&]$xnav//g;
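Review bot: The three URI guards in the new outer `if` are unanchored substring matches, so `/xhr/` and `/pjax/` also reject any ordinary navigation whose path or query merely contains those letters, and `/xnavigation=1/` also fires on `xnavigation=10` or on a different parameter that happens to end in those characters; matching the trigger at a query boundary, `$ENV{'REQUEST_URI'} =~ /[?&]xnavigation=1(?:&|$)/`, makes the check exact. `$ENV{'HTTP_X_REQUESTED_WITH'} ne "XMLHttpRequest"` compares an undefined value whenever the header is absent, which is the normal non-XHR case and would emit an uninitialized-value warning if this file is ever run under `use warnings`; `($ENV{'HTTP_X_REQUESTED_WITH'} || '') ne "XMLHttpRequest"` avoids that. Because `$url` is built straight from the attacker-controlled `$ENV{'REQUEST_URI'}` and the stored value is presumably consumed as a redirect target after the hunk, it would be worth rejecting request targets that do not start with exactly one `/`, since a `//host/...` target prefixed with an empty `$gconfig{'webprefix'}` would read as a protocol-relative redirect. The unchanged strip on the last line, `$url =~ s/[?|&]$xnav//g;`, treats `|` as a literal character-class member rather than alternation and leaves `/path&foo=1` behind when `xnavigation=1` is the first parameter. The enclosing code continues past the hunk on both sides.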