From 9ed39ab0fae002f4163e64fb775d033ff8321e8a Mon Sep 17 00:00:00 2001
From: Raphael Michel
Date: Tue, 11 Oct 2022 18:04:30 +0200
Subject: [PATCH] Stripe: Prevent lost session with firefox tracking protection

---
 src/pretix/plugins/stripe/payment.py | 10 +++++++---
 src/pretix/plugins/stripe/views.py   | 24 ++++++++++++++++--------
 2 files changed, 23 insertions(+), 11 deletions(-)

diff --git a/src/pretix/plugins/stripe/payment.py b/src/pretix/plugins/stripe/payment.py
index 604ed4968..ba3b16271 100644
--- a/src/pretix/plugins/stripe/payment.py
+++ b/src/pretix/plugins/stripe/payment.py
@@ -649,10 +649,14 @@ class StripeMethod(BasePaymentProvider):
 
     def redirect(self, request, url):
         if request.session.get('iframe_session', False):
-            signer = signing.Signer(salt='safe-redirect')
             return (
-                build_absolute_uri(request.event, 'plugins:stripe:redirect') + '?url=' +
-                urllib.parse.quote(signer.sign(url))
+                build_absolute_uri(request.event, 'plugins:stripe:redirect') +
+                '?data=' + signing.dumps({
+                    'url': url,
+                    'session': {
+                        'payment_stripe_order_secret': request.session['payment_stripe_order_secret'],
+                    },
+                }, salt='safe-redirect')
             )
         else:
             return str(url)
diff --git a/src/pretix/plugins/stripe/views.py b/src/pretix/plugins/stripe/views.py
index 674873285..f96f284a7 100644
--- a/src/pretix/plugins/stripe/views.py
+++ b/src/pretix/plugins/stripe/views.py
@@ -35,6 +35,7 @@ import hashlib
 import json
 import logging
+import urllib.parse
 
 import requests
 import stripe
 
@@ -63,7 +64,7 @@ from pretix.control.permissions import (
 )
 from pretix.control.views.event import DecoupleMixin
 from pretix.control.views.organizer import OrganizerDetailViewMixin
-from pretix.multidomain.urlreverse import eventreverse
+from pretix.multidomain.urlreverse import build_absolute_uri, eventreverse
 from pretix.plugins.stripe.forms import OrganizerStripeSettingsForm
 from pretix.plugins.stripe.models import ReferencedStripeObject
 from pretix.plugins.stripe.payment import StripeCC, StripeSettingsHolder
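Review bot: The new `?data=` parameter carries `payment_stripe_order_secret` in the query string in the clear — `signing.dumps` base64-encodes and HMAC-signs the dict but does not encrypt it, so the order secret now lands in the redirect URL and from there in server access logs, browser history and any Referer the redirect page sends, whereas the old `?url=` token exposed only the target URL. If the secret has to travel this way, the receiving view should at least bound the token's lifetime with `max_age` on `signing.loads` (the `dumps` output is timestamped), and a comment here should state the trade-off: `# NOTE: signing.dumps() authenticates but does not encrypt; the order secret is readable in this URL`. `request.session['payment_stripe_order_secret']` also raises `KeyError` if an iframe session reaches `redirect()` before that key is set — whether such a path exists is not visible in this hunk, so confirm it or fall back to `request.session.get(...)` and omit the key when absent.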
@@ -76,17 +77,24 @@ logger = logging.getLogger('pretix.plugins.stripe')
 
 @xframe_options_exempt
 def redirect_view(request, *args, **kwargs):
-    signer = signing.Signer(salt='safe-redirect')
     try:
-        url = signer.unsign(request.GET.get('url', ''))
+        data = signing.loads(request.GET.get('data', ''), salt='safe-redirect')
     except signing.BadSignature:
         return HttpResponseBadRequest('Invalid parameter')
 
-    r = render(request, 'pretixplugins/stripe/redirect.html', {
-        'url': url,
-    })
-    r._csp_ignore = True
-    return r
+    if 'go' in request.GET:
+        if 'session' in data:
+            for k, v in data['session'].items():
+                request.session[k] = v
+        return redirect(data['url'])
+    else:
+        params = request.GET.copy()
+        params['go'] = '1'
+        r = render(request, 'pretixplugins/stripe/redirect.html', {
+            'url': build_absolute_uri(request.event, 'plugins:stripe:redirect') + '?' + urllib.parse.urlencode(params),
+        })
+        r._csp_ignore = True
+        return r
 
 
 @scopes_disabled()
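Review bot: `signing.loads(request.GET.get('data', ''), salt='safe-redirect')` accepts the token indefinitely, and the `go` branch then copies `data['session']` into whatever session presents the link and redirects — so an old link, once leaked from logs or history, can re-inject that order secret into a fresh visitor's session at any later time. The `dumps` output is timestamped, so bound it: `data = signing.loads(request.GET.get('data', ''), salt='safe-redirect', max_age=3600)`; `SignatureExpired` is a `BadSignature` subclass, so the existing `except` already covers the expiry case. The `for k, v in data['session'].items(): request.session[k] = v` loop writes whichever keys the payload names; the payload is server-signed today, but restricting it to the one expected key (`payment_stripe_order_secret`) keeps a future leak or reuse of the signing key from turning this view into arbitrary session injection. A short comment above `if 'go' in request.GET:` explaining the two-step (presumably: render inside the iframe first, then a top-level navigation with `go=1` so the session cookie is set in a first-party context before the redirect) would also help the next reader, since nothing in the view says why the round trip exists.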