탐색 도움말
로그인
LBP
/
netbox
의 미러 https://github.com/netbox-community/netbox.git
2
0
포크 0
파일 이슈 0 위키
소스 검색

Update django is_safe_url calls to new API (#2546)

Juho Juopperi 7 년 전
부모
66ef5c726c
커밋
319869c22e
2개의 변경된 파일4개의 추가작업 그리고 4개의 파일을 삭제
통합 보기 변경상태 보기
  1. 1 1
      netbox/users/views.py
  2. 3 3
      netbox/utilities/views.py

+ 1 - 1
netbox/users/views.py
파일 보기 

@@ -36,7 +36,7 @@ class LoginView(View):
 
 
 
             # Determine where to direct user after successful login
 
             # Determine where to direct user after successful login
 
             redirect_to = request.POST.get('next', '')
 
             redirect_to = request.POST.get('next', '')
 
-            if not is_safe_url(url=redirect_to, host=request.get_host()):
 
+            if not is_safe_url(url=redirect_to, allowed_hosts=request.get_host()):
 
                 redirect_to = reverse('home')
 
                 redirect_to = reverse('home')
 
 
 
             # Authenticate user
 
             # Authenticate user

+ 3 - 3
netbox/utilities/views.py
파일 보기 

@@ -57,7 +57,7 @@ class GetReturnURLMixin(object):
 
 
 
         # First, see if `return_url` was specified as a query parameter. Use it only if it's considered safe.
 
         # First, see if `return_url` was specified as a query parameter. Use it only if it's considered safe.
 
         query_param = request.GET.get('return_url')
 
         query_param = request.GET.get('return_url')
 
-        if query_param and is_safe_url(url=query_param, host=request.get_host()):
 
+        if query_param and is_safe_url(url=query_param, allowed_hosts=request.get_host()):
 
             return query_param
 
             return query_param
 
 
 
         # Next, check if the object being modified (if any) has an absolute URL.
 
         # Next, check if the object being modified (if any) has an absolute URL.
 
@@ -225,7 +225,7 @@ class ObjectEditView(GetReturnURLMixin, View):
 
                 return redirect(request.get_full_path())
 
                 return redirect(request.get_full_path())
 
 
 
             return_url = form.cleaned_data.get('return_url')
 
             return_url = form.cleaned_data.get('return_url')
 
-            if return_url is not None and is_safe_url(url=return_url, host=request.get_host()):
 
+            if return_url is not None and is_safe_url(url=return_url, allowed_hosts=request.get_host()):
 
                 return redirect(return_url)
 
                 return redirect(return_url)
 
             else:
 
             else:
 
                 return redirect(self.get_return_url(request, obj))
 
                 return redirect(self.get_return_url(request, obj))
 
@@ -283,7 +283,7 @@ class ObjectDeleteView(GetReturnURLMixin, View):
 
             messages.success(request, msg)
 
             messages.success(request, msg)
 
 
 
             return_url = form.cleaned_data.get('return_url')
 
             return_url = form.cleaned_data.get('return_url')
 
-            if return_url is not None and is_safe_url(url=return_url, host=request.get_host()):
 
+            if return_url is not None and is_safe_url(url=return_url, allowed_hosts=request.get_host()):
 
                 return redirect(return_url)
 
                 return redirect(return_url)
 
             else:
 
             else:
 
                 return redirect(self.get_return_url(request, obj))
 
                 return redirect(self.get_return_url(request, obj))