Revision 5b65fb47 snf-astakos-app/astakos/im/util.py
b/snf-astakos-app/astakos/im/util.py | ||
---|---|---|
112 | 112 |
redirect location of an http redirect response. The method parses the |
113 | 113 |
provided url and identifies if it conforms CORS against provided domain |
114 | 114 |
AND url scheme matches any of the schemes in `allowed_schemes` parameter. |
115 |
If verirication succeeds sanitized safe url is returned so you must use
|
|
116 |
the method's response in the response location header and not the
|
|
117 |
originally provided url. If verification fails the method returns None.
|
|
115 |
If verirication succeeds sanitized safe url is returned. Consider using
|
|
116 |
the method's result in the response location header and not the originally
|
|
117 |
provided url. If verification fails the method returns None. |
|
118 | 118 |
|
119 | 119 |
>>> print restrict_next('/im/feedback', '.okeanos.grnet.gr') |
120 | 120 |
/im/feedback |
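Review bot: In the rewritten docstring (new lines 115-117), "you must use the method's response" became "Consider using the method's result", which turns a requirement into a suggestion in a function whose purpose is to validate redirect locations. If callers can safely keep the originally provided URL, the docstring should say under which conditions; otherwise keep the mandatory wording. The typo "verirication" is also carried over into new line 115 and should read "verification".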
... | ... | |
162 | 162 |
if not domain and not allowed_schemes: |
163 | 163 |
return url |
164 | 164 |
|
165 |
# domain validation |
|
165 | 166 |
if domain: |
166 | 167 |
if not parts.netloc: |
167 | 168 |
return url |
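Review bot: Under `if domain:` (new lines 167-168), `if not parts.netloc: return url` returns before the `allowed_schemes` check further down is reached. As far as the visible lines show, a URL with no network location is therefore accepted without scheme validation whenever a domain is given, although the docstring says the domain must conform AND the scheme must match. Consider running the scheme check first, or falling through to it instead of returning here. The new `# domain validation` comment would be a good place to state the intended order of the two checks.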
... | ... | |
170 | 171 |
else: |
171 | 172 |
return None |
172 | 173 |
|
174 |
# scheme validation |
|
173 | 175 |
if allowed_schemes: |
174 | 176 |
if parts.scheme in allowed_schemes: |
175 | 177 |
return url |
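Review bot: After the new `# scheme validation` comment, the visible context stops at `return url` (new line 177) and shows no explicit failure path for a scheme that is not in `allowed_schemes`. The docstring promises None when verification fails, so if the function relies on falling off the end, an explicit `return None` would make that contract visible and keep it symmetric with the `else: return None` that closes the domain branch. The comment could also say that this section is the last check and what it returns on a mismatch.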