From 6cbc6452fc91865353121572142ac11d14edbfd9 Mon Sep 17 00:00:00 2001
From: Phoenix Eliot <phoenixjeliot@gmail.com>
Date: Tue, 6 Sep 2016 17:10:58 -0700
Subject: [PATCH] Actually do filter safe paths, but allow any other domain

---
 server_setup.coffee | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/server_setup.coffee b/server_setup.coffee
index 4d3405b90..3713079ed 100644
--- a/server_setup.coffee
+++ b/server_setup.coffee
@@ -63,6 +63,8 @@ setupDomainFilterMiddleware = (app) ->
       domainPrefix = req.host.match(domainRegex)?[1] or ''
       if _.any(unsafePaths, (pathRegex) -> pathRegex.test(req.path)) and (req.host isnt domainPrefix + config.unsafeContentHostname)
         res.redirect('http://' + domainPrefix + config.unsafeContentHostname + req.path)
+      else if not _.any(unsafePaths, (pathRegex) -> pathRegex.test(req.path)) and req.host is domainPrefix + config.unsafeContentHostname
+        res.redirect('http://' + domainPrefix + config.mainHostname + req.path)
       else
         next()