Documentation for Auth's Logout view suggests wrong redirect takes precedence.
|Reported by:||Owned by:||Justin Lilly|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
Currently, the documentation for django.contrib.auth.views.logout states
redirect_field_name: The name of a GET field containing the URL to redirect to after log out. Overrides next_page if the given GET parameter is passed.
However, as far as I can tell from staring at Trunk, this is only the case is next_page isn't also set. I appreciate it makes sense most of the time for only one to be provided, but as someone on IRC discovered, you can supply both (erroneously or not), at which point the documentation suggests the wrong one takes precedence.
Change History (4)
comment:1 Changed 6 years ago by
|Patch needs improvement:||unset|
comment:3 Changed 6 years ago by
|Component:||Documentation → Authentication|
|Owner:||changed from nobody to Justin Lilly|
|Status:||new → assigned|