RedirectResponse option to check the host of the url
|Reported by:||Martin Owens||Owned by:||nobody|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
When redirecting it's often useful to redirect to the 'next' url which is passed from the browser. This variable might be altered before it gets back to us and so we want to check that the host is a known local host and approved. Because we don't want this to be checked all the time, it's optional in the proposed code.
The patch/pull request uses the existing urlparser data to perform the checks and the placement of the functionality seems like it would make a good django contribution.
Change History (9)
comment:1 Changed 2 years ago by
|Patch needs improvement:||unset|