def _finish_request(): if request.args.get('ajax'): return 'ok' # this was from the browser, so send them somewhere useful next_url = request.args.get('next') or url_for('root') return redirect(safety.safe_redirect_path(next_url))
def login_request(): """Redirect here to ask the user to authenticate""" if current_user.is_authenticated: next_url = request.args.get('next') or url_for('root') return redirect(safety.safe_redirect_path(next_url)) return render_template("login_request.html")
def test_safe_redirect_path_netloc_rejected(app): """A redirect to a URL with a netloc is not allowed and defaults to root""" with app.test_request_context(): eq_(safety.safe_redirect_path('//myserver.com/foo/bar'), '/')
def test_safe_redirect_path_schema_rejected(app): """A redirect to a URL with a schema is not allowed and defaults to root""" with app.test_request_context(): eq_(safety.safe_redirect_path('file:///foo/bar'), '/')
def test_safe_redirect_path_unqualified(): """A redirect to an unqualified path is alloewd""" eq_(safety.safe_redirect_path('/foo/bar'), '/foo/bar')