id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
26956	"Allow additional safe hosts for ""next"" parameter during login"	Jon Dufresne	nobody	"Use case:

* Django application using auth for authentication
* Django application is one part of a loosely coupled network of applications written in multiple languages/frameworks
* These other applications are hosted on different domains
* '''Goal''', upon successful login, Django should be able to redirect to these other applications

To solve this use case I propose the following changes:

* Change `is_safe_url()` so the `host` argument can also accept a list of hosts.
* Change `LoginView` to add a new class member `allowed_hosts`. This member is a list of allowed hosts to pass to `is_safe_url()` in `LoginView.get_success_url()`. I think `self.request.get_host()` will always be implicitly added to this list."	New feature	closed	contrib.auth	dev	Normal	fixed			Ready for checkin	1	0	0	0	0	0