Summary

The _redirect_to_target() function in Gradio's OAuth flow accepts an unvalidated _target_url query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback endpoints on Gradio apps with OAuth enabled (i.e. apps running on Hugging Face Spaces with gr.LoginButton).

Details

  def _redirect_to_target(request, default_target="/"):
      target = request.query_params.get("_target_url", default_target)
      return RedirectResponse(target)  # No validation

An attacker can craft a URL like https://my-space.hf.space/logout?_target_url=https://evil.com/phishing that redirects the user to an external site after logout. Because the URL originates from a trusted hf.space domain, users are more likely to trust the link.

Impact

Phishing — an attacker can use the trusted domain to redirect users to a malicious site. No direct data exposure or server-side impact.

Fix

The _target_url parameter is now sanitized to only use the path, query, and fragment, stripping any scheme or host.