diff --git a/BTCPayServer/Controllers/UINotificationsController.cs b/BTCPayServer/Controllers/UINotificationsController.cs index 190381dd7..97a8d0832 100644 --- a/BTCPayServer/Controllers/UINotificationsController.cs +++ b/BTCPayServer/Controllers/UINotificationsController.cs @@ -217,7 +217,7 @@ namespace BTCPayServer.Controllers return NotFound(); } await _notificationManager.ToggleSeen(new NotificationsQuery() { Seen = false, UserId = userId }, true); - return Redirect(returnUrl); + return LocalRedirect(returnUrl); } private bool ValidUserClaim(out string userId) diff --git a/BTCPayServer/Controllers/UIWalletsController.PSBT.cs b/BTCPayServer/Controllers/UIWalletsController.PSBT.cs index 78365e22e..0bc769853 100644 --- a/BTCPayServer/Controllers/UIWalletsController.PSBT.cs +++ b/BTCPayServer/Controllers/UIWalletsController.PSBT.cs @@ -101,7 +101,7 @@ namespace BTCPayServer.Controllers if (bumpableUTXOs.Length == 0) { TempData[WellKnownTempData.ErrorMessage] = "There isn't any UTXO available to bump fee"; - return Redirect(returnUrl); + return LocalRedirect(returnUrl); } Money bumpFee = Money.Zero; foreach (var txid in bumpableUTXOs.Select(u => u.TransactionHash).ToHashSet()) @@ -146,7 +146,7 @@ namespace BTCPayServer.Controllers } catch (Exception ex) { TempData[WellKnownTempData.ErrorMessage] = ex.Message; - return Redirect(returnUrl); + return LocalRedirect(returnUrl); } } @@ -526,7 +526,7 @@ namespace BTCPayServer.Controllers var returnUrl = this.HttpContext.Request.Query["returnUrl"].FirstOrDefault(); if (returnUrl is not null) { - return Redirect(returnUrl); + return LocalRedirect(returnUrl); } return RedirectToAction(nameof(WalletTransactions), new { walletId = walletId.ToString() }); }