Shopify: Open Redirect at *.myshopify.com/account/login?checkout_url=

2015-12-06T09:51:14
ID H1:103772
Type hackerone
Reporter batman
Modified 2015-12-16T04:33:41

Description

Hi,

Any user, after logging into any myshopify shop, can be redirected to another domain.

To reproduce: Send this to the victim: http://sehyoginfoshop.myshopify.com/account/login?checkout_url=.np

Now when our victim logs in, he will be redirected to https://sehyoginfoshop.myshopify.com.np/

Which is not a Shopify domain.

Fix: While redirecting, use <shop-name>"/"$checkout_url instead of <shop-name>$checkout_url
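
The concatenation described in the report, next to a hardened form, as an added example that is not part of the original report and is not Shopify's code. The function names `naive_redirect`, `safe_redirect` and `host_of` are hypothetical; the hardened version applies the suggested "/" separator and then also parses the result and compares its host to the shop host.

```ruby
require "uri"

# Hypothetical helpers for illustration; these names are assumptions.

# Behaviour described in the report: shop host and checkout_url are joined
# with no separator, so the parameter can extend the hostname itself.
def naive_redirect(shop_host, checkout_url)
  "https://#{shop_host}#{checkout_url}"
end

# Hardened form: force a "/" between host and parameter (the fix suggested
# in the report), then parse the result and confirm the host is unchanged.
# Anything that fails to parse or lands on another host goes to the shop root.
def safe_redirect(shop_host, checkout_url)
  fallback = "https://#{shop_host}/"
  path = checkout_url.to_s
  path = "/#{path}" unless path.start_with?("/")
  target = URI.parse("https://#{shop_host}#{path}")
  target.scheme == "https" && target.host == shop_host ? target.to_s : fallback
rescue URI::InvalidURIError
  fallback
end

# Host component of an absolute URL, used to compare the two builders.
def host_of(url)
  URI.parse(url).host
end

if __FILE__ == $0
  shop = "sehyoginfoshop.myshopify.com" # shop host taken from the report
  [".np", "/checkout/123"].each do |param|
    puts "checkout_url=#{param.inspect}"
    puts "  naive: #{naive_redirect(shop, param)} (host #{host_of(naive_redirect(shop, param))})"
    puts "  safe:  #{safe_redirect(shop, param)} (host #{host_of(safe_redirect(shop, param))})"
  end
end
```
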