Revision 217994f8 snf-astakos-app/astakos/im/target/redirect.py

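--- a/snf-astakos-app/astakos/im/target/redirect.py
+++ b/snf-astakos-app/astakos/im/target/redirect.py
@@ -37,7 +37,9 @@
 from django.contrib import messages
 from django.utils.http import urlencode
 from django.contrib.auth import authenticate
-from django.http import HttpResponse, HttpResponseBadRequest
+from django.http import (
+    HttpResponse, HttpResponseBadRequest, HttpResponseForbidden
+)
 from django.core.exceptions import ValidationError
 from django.views.decorators.http import require_http_methods
 
@@ -45,7 +47,7 @@
 from urlparse import urlunsplit, urlsplit, urlparse, parse_qsl
 
 from astakos.im.settings import COOKIE_NAME, COOKIE_DOMAIN
-from astakos.im.util import set_cookie
+from astakos.im.util import set_cookie, restrict_next
 from astakos.im.functions import login as auth_login, logout
 
 import logging
@@ -65,6 +67,10 @@
     next = request.GET.get('next')
     if not next:
         return HttpResponseBadRequest(_('No next parameter'))
+    if not restrict_next(
+        next, domain=COOKIE_DOMAIN, allowed_schemes=('pithos',)
+    ):
+        return HttpResponseForbidden(_('Not allowed next parameter'))
     force = request.GET.get('force', None)
     response = HttpResponse()
     if force == '':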
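Review bot: The new `restrict_next` call is the only guard between a caller-supplied `next` and a redirect away from this login/redirect view, but nothing at the call site records that intent; add `# Open-redirect guard: only targets under COOKIE_DOMAIN or the pithos:// scheme may receive the post-login redirect` directly above the `if not restrict_next(` line. The acceptance rules themselves live in astakos.im.util and are outside this hunk, so whether a bare path, an empty COOKIE_DOMAIN setting, or a scheme-relative target such as `//host` passes cannot be confirmed here and deserves a unit test on that helper rather than on this view. The enclosing view starts before and ends after the hunk, so it should also be checked that the later redirect reuses this validated `next` value instead of re-reading it from request.GET. Returning 403 here while the missing-parameter case two lines above returns 400 is a small inconsistency; a comment on why a disallowed target is treated as forbidden rather than as a bad request would settle it.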
