diff options
author | Zuul <zuul@review.opendev.org> | 2022-03-12 22:02:46 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2022-03-12 22:02:46 +0000 |
commit | ec634c937dfee744cc6a93134190869f1cd91f40 (patch) | |
tree | 3a2008549e5f6fd545d3bd71a91cfcc32bf1eb1a | |
parent | cf4e537e198b92c1148d5d8e4b398399a83a8978 (diff) | |
parent | 00def145de2498816255959d1aefd285cd5583bf (diff) | |
download | horizon-ec634c937dfee744cc6a93134190869f1cd91f40.tar.gz |
Merge "Address RemovedInDjango40Warning (6)"
-rw-r--r-- | horizon/workflows/views.py | 7 | ||||
-rw-r--r-- | openstack_auth/views.py | 15 |
2 files changed, 13 insertions, 9 deletions
diff --git a/horizon/workflows/views.py b/horizon/workflows/views.py index 55c642ac4..365de3f0f 100644 --- a/horizon/workflows/views.py +++ b/horizon/workflows/views.py @@ -94,9 +94,10 @@ class WorkflowView(hz_views.ModalBackdropMixin, generic.TemplateView): redirect_to = self.request.GET.get(workflow.redirect_param_name) # Make sure the requested redirect is safe - if redirect_to and not utils_http.is_safe_url( - url=redirect_to, - allowed_hosts=[self.request.get_host()]): + if (redirect_to and + not utils_http.url_has_allowed_host_and_scheme( + url=redirect_to, + allowed_hosts=[self.request.get_host()])): redirect_to = None context['REDIRECT_URL'] = redirect_to diff --git a/openstack_auth/views.py b/openstack_auth/views.py index 58f085aa7..476d16ec4 100644 --- a/openstack_auth/views.py +++ b/openstack_auth/views.py @@ -285,8 +285,9 @@ def switch(request, tenant_id, redirect_field_name=auth.REDIRECT_FIELD_NAME): # Ensure the user-originating redirection url is safe. # Taken from django.contrib.auth.views.login() redirect_to = request.GET.get(redirect_field_name, '') - if not http.is_safe_url(url=redirect_to, - allowed_hosts=[request.get_host()]): + if (not http.url_has_allowed_host_and_scheme( + url=redirect_to, + allowed_hosts=[request.get_host()])): redirect_to = settings.LOGIN_REDIRECT_URL if auth_ref: @@ -320,8 +321,9 @@ def switch_region(request, region_name, region_name, request.user.username) redirect_to = request.GET.get(redirect_field_name, '') - if not http.is_safe_url(url=redirect_to, - allowed_hosts=[request.get_host()]): + if (not http.url_has_allowed_host_and_scheme( + url=redirect_to, + allowed_hosts=[request.get_host()])): redirect_to = settings.LOGIN_REDIRECT_URL response = shortcuts.redirect(redirect_to) @@ -351,8 +353,9 @@ def switch_keystone_provider(request, keystone_provider=None, raise exceptions.KeystoneAuthException(msg) redirect_to = request.GET.get(redirect_field_name, '') - if not http.is_safe_url(url=redirect_to, - allowed_hosts=[request.get_host()]): + if (not http.url_has_allowed_host_and_scheme( + url=redirect_to, + allowed_hosts=[request.get_host()])): redirect_to = settings.LOGIN_REDIRECT_URL unscoped_auth_ref = None |