Revision 5b65fb47 snf-astakos-app/astakos/im/util.py
| b/snf-astakos-app/astakos/im/util.py | ||
|---|---|---|
| 112 | 112 |
redirect location of an http redirect response. The method parses the |
| 113 | 113 |
provided url and identifies if it conforms CORS against provided domain |
| 114 | 114 |
AND url scheme matches any of the schemes in `allowed_schemes` parameter. |
| 115 |
If verirication succeeds sanitized safe url is returned so you must use
|
|
| 116 |
the method's response in the response location header and not the
|
|
| 117 |
originally provided url. If verification fails the method returns None.
|
|
| 115 |
If verirication succeeds sanitized safe url is returned. Consider using
|
|
| 116 |
the method's result in the response location header and not the originally
|
|
| 117 |
provided url. If verification fails the method returns None. |
|
| 118 | 118 |
|
| 119 | 119 |
>>> print restrict_next('/im/feedback', '.okeanos.grnet.gr')
|
| 120 | 120 |
/im/feedback |
| ... | ... | |
| 162 | 162 |
if not domain and not allowed_schemes: |
| 163 | 163 |
return url |
| 164 | 164 |
|
| 165 |
# domain validation |
|
| 165 | 166 |
if domain: |
| 166 | 167 |
if not parts.netloc: |
| 167 | 168 |
return url |
| ... | ... | |
| 170 | 171 |
else: |
| 171 | 172 |
return None |
| 172 | 173 |
|
| 174 |
# scheme validation |
|
| 173 | 175 |
if allowed_schemes: |
| 174 | 176 |
if parts.scheme in allowed_schemes: |
| 175 | 177 |
return url |
Also available in: Unified diff