(request)
| 28 | |
| 29 | |
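def get_redirecturl(request):
    """Return a safe post-login redirect target taken from ``next_url``.

    The ``next_url`` query parameter is caller-controlled, so it is only
    honoured when it is a relative URL or points at this site's own domain.
    Anything else falls back to ``'/'`` so the login flow cannot be used as
    an open redirect.

    Args:
        request: The incoming request; ``request.GET`` and
            ``request.is_secure()`` are read.

    Returns:
        The validated ``next_url`` value, or ``'/'`` when it is missing,
        points back at the login page, or fails validation.
    """
    nexturl = request.GET.get('next_url', None)
    # A missing target, or one that would bounce straight back to the login
    # page, is replaced by the site root.
    if not nexturl or nexturl in ('/login/', '/login'):
        return '/'

    # Only allow relative URLs or URLs pointing to the current host.
    # NOTE(review): the allow-list is the configured site domain, not the Host
    # header of this request. Confirm get_current_site() returns the domain
    # users actually reach, otherwise same-host absolute URLs are rejected.
    site_domain = get_current_site().domain
    if url_has_allowed_host_and_scheme(
        url=nexturl,
        allowed_hosts={site_domain},
        # On an HTTPS request, absolute targets must be HTTPS as well.
        require_https=request.is_secure(),
    ):
        return nexturl

    # nexturl is untrusted: log it through %r so embedded CR/LF or other
    # control characters are escaped and cannot forge extra log lines.
    logger.info('非法url:%r', nexturl)
    return '/'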
| 46 | |
| 47 | |
| 48 | def oauthlogin(request): |