diff --git a/util/oidc/oidc.go b/util/oidc/oidc.go index f928d6990469b..2230f3eae71c0 100644 --- a/util/oidc/oidc.go +++ b/util/oidc/oidc.go @@ -288,7 +288,7 @@ func (a *ClientApp) HandleLogin(w http.ResponseWriter, r *http.Request) { returnURL := r.FormValue("return_url") // Check if return_url is valid, otherwise abort processing (see https://github.com/argoproj/argo-cd/pull/4780) if !isValidRedirectURL(returnURL, []string{a.settings.URL}) { - log.Errorf("Invalid redirect URL: %s is not a valid per the settings.", returnURL) + log.Errorf("Invalid redirect URL: %s is not a valid URL or does not match the URL in settings.", returnURL) http.Error(w, "Invalid redirect URL: the protocol and host (including port) must match and the path must be within allowed URLs if provided", http.StatusBadRequest) return }