staff_login_required decorator redirecting to default Login redirect instead of requested
|Reported by:||ayarshabeer||Owned by:||nobody|
|Cc:||Triage Stage:||Design decision needed|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
Description (last modified by )
While I am trying to access staff_required URL in the application it will shows admin login page but after I given login credential it redirect to default login redirect page (account/profile) instead of my requested staff page.
After I went through the django code I found that in login_required decorator (django/contrib/auth/views) there is checking for host
''' netloc = urlparse.urlparse(redirect_to) ''' # Use default setting if redirect_to is empty if not redirect_to: redirect_to = settings.LOGIN_REDIRECT_URL # Security check -- don't allow redirection to a different # host. ''' elif netloc and netloc != request.get_host(): redirect_to = settings.LOGIN_REDIRECT_URL'''
but this never succeed because staff_required decorator passing redirect_to value as request_full_path() and it doesnot contain host name.
Change History (7)
comment:3 Changed 5 years ago by
|Status:||closed → reopened|