def _finish_request():
if request.args.get('ajax'):
return 'ok'
# this was from the browser, so send them somewhere useful
next_url = request.args.get('next') or url_for('root')
return redirect(safety.safe_redirect_path(next_url))
def _finish_request():
if request.args.get('ajax'):
return 'ok'
# this was from the browser, so send them somewhere useful
next_url = request.args.get('next') or url_for('root')
return redirect(safety.safe_redirect_path(next_url))
def login_request():
"""Redirect here to ask the user to authenticate"""
if current_user.is_authenticated:
next_url = request.args.get('next') or url_for('root')
return redirect(safety.safe_redirect_path(next_url))
return render_template("login_request.html")
def test_safe_redirect_path_netloc_rejected(app):
"""A redirect to a URL with a netloc is not allowed and defaults to root"""
with app.test_request_context():
eq_(safety.safe_redirect_path('//myserver.com/foo/bar'), '/')
def test_safe_redirect_path_schema_rejected(app):
"""A redirect to a URL with a schema is not allowed and defaults to root"""
with app.test_request_context():
eq_(safety.safe_redirect_path('file:///foo/bar'), '/')
def test_safe_redirect_path_unqualified():
"""A redirect to an unqualified path is alloewd"""
eq_(safety.safe_redirect_path('/foo/bar'), '/foo/bar')
def login_request():
"""Redirect here to ask the user to authenticate"""
if current_user.is_authenticated:
next_url = request.args.get('next') or url_for('root')
return redirect(safety.safe_redirect_path(next_url))
return render_template("login_request.html")
