def redirect(self, endpoint='main.index', **values):
"""
Redirects the client to endpoint if no other safe redirect target is found.
Args:
endpoint: The endpoint to redirect to, defaults to 'main.index'
**values: Values for the endpoint
Returns:
A redirection to the URL in the next field, returned by get_redirect_target()
or endpoint, prioritized in that order.
"""
if is_safe_url(self.next.data):
return redirect(self.next.data)
target = get_redirect_target()
return redirect(target or url_for(endpoint, **values))
def test_is_safe_url(self):
with self.app.test_request_context():
self.assertFalse(is_safe_url('http://externalsite.com'))
self.assertTrue(is_safe_url(url_for('main.index', _external=True)))
self.assertTrue(is_safe_url('safe_internal_link'))
