Merge "Address RemovedInDjango40Warning (6)"

author: Zuul <zuul@review.opendev.org> 2022-03-12 22:02:46 +0000
committer: Gerrit Code Review <review@openstack.org> 2022-03-12 22:02:46 +0000
commit: ec634c937dfee744cc6a93134190869f1cd91f40 (patch)
tree: 3a2008549e5f6fd545d3bd71a91cfcc32bf1eb1a
parent: cf4e537e198b92c1148d5d8e4b398399a83a8978 (diff)
parent: 00def145de2498816255959d1aefd285cd5583bf (diff)
download: horizon-ec634c937dfee744cc6a93134190869f1cd91f40.tar.gz
2 files changed, 13 insertions, 9 deletions
diff --git a/horizon/workflows/views.py b/horizon/workflows/views.py
index 55c642ac4..365de3f0f 100644
--- a/horizon/workflows/views.py
+++ b/horizon/workflows/views.py
@@ -94,9 +94,10 @@ class WorkflowView(hz_views.ModalBackdropMixin, generic.TemplateView):
 
         redirect_to = self.request.GET.get(workflow.redirect_param_name)
         # Make sure the requested redirect is safe
-        if redirect_to and not utils_http.is_safe_url(
-                url=redirect_to,
-                allowed_hosts=[self.request.get_host()]):
+        if (redirect_to and
+                not utils_http.url_has_allowed_host_and_scheme(
+                    url=redirect_to,
+                    allowed_hosts=[self.request.get_host()])):
             redirect_to = None
         context['REDIRECT_URL'] = redirect_to
 
diff --git a/openstack_auth/views.py b/openstack_auth/views.py
index 58f085aa7..476d16ec4 100644
--- a/openstack_auth/views.py
+++ b/openstack_auth/views.py
@@ -285,8 +285,9 @@ def switch(request, tenant_id, redirect_field_name=auth.REDIRECT_FIELD_NAME):
     # Ensure the user-originating redirection url is safe.
     # Taken from django.contrib.auth.views.login()
     redirect_to = request.GET.get(redirect_field_name, '')
-    if not http.is_safe_url(url=redirect_to,
-                            allowed_hosts=[request.get_host()]):
+    if (not http.url_has_allowed_host_and_scheme(
+            url=redirect_to,
+            allowed_hosts=[request.get_host()])):
         redirect_to = settings.LOGIN_REDIRECT_URL
 
     if auth_ref:
@@ -320,8 +321,9 @@ def switch_region(request, region_name,
                   region_name, request.user.username)
 
     redirect_to = request.GET.get(redirect_field_name, '')
-    if not http.is_safe_url(url=redirect_to,
-                            allowed_hosts=[request.get_host()]):
+    if (not http.url_has_allowed_host_and_scheme(
+            url=redirect_to,
+            allowed_hosts=[request.get_host()])):
         redirect_to = settings.LOGIN_REDIRECT_URL
 
     response = shortcuts.redirect(redirect_to)
@@ -351,8 +353,9 @@ def switch_keystone_provider(request, keystone_provider=None,
         raise exceptions.KeystoneAuthException(msg)
 
     redirect_to = request.GET.get(redirect_field_name, '')
-    if not http.is_safe_url(url=redirect_to,
-                            allowed_hosts=[request.get_host()]):
+    if (not http.url_has_allowed_host_and_scheme(
+            url=redirect_to,
+            allowed_hosts=[request.get_host()])):
         redirect_to = settings.LOGIN_REDIRECT_URL
 
     unscoped_auth_ref = None
author	Zuul <zuul@review.opendev.org>	2022-03-12 22:02:46 +0000
committer	Gerrit Code Review <review@openstack.org>	2022-03-12 22:02:46 +0000
commit	ec634c937dfee744cc6a93134190869f1cd91f40 (patch)
tree	3a2008549e5f6fd545d3bd71a91cfcc32bf1eb1a
parent	cf4e537e198b92c1148d5d8e4b398399a83a8978 (diff)
parent	00def145de2498816255959d1aefd285cd5583bf (diff)
download	horizon-ec634c937dfee744cc6a93134190869f1cd91f40.tar.gz