def redirect(self, endpoint='main.index', **values): """ Redirects the client to endpoint if no other safe redirect target is found. Args: endpoint: The endpoint to redirect to, defaults to 'main.index' **values: Values for the endpoint Returns: A redirection to the URL in the next field, returned by get_redirect_target() or endpoint, prioritized in that order. """ if is_safe_url(self.next.data): return redirect(self.next.data) target = get_redirect_target() return redirect(target or url_for(endpoint, **values))
def delete_post(id): post = Post.query.get_or_404(id) post.delete() flash('Deleted post.', 'success') return redirect(get_redirect_target() or url_for('admin.index'))
def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) if not self.next.data: self.next.data = get_redirect_target() or ''
def test_get_redirect_target(self): with self.app.test_request_context('/?next=http://externalsite.com'): self.assertIsNone(get_redirect_target()) with self.app.test_request_context('/?next=safe_internal_link'): self.assertEqual(get_redirect_target(), 'safe_internal_link')