kallithea Changeset - ad131f703996

Changeset - ad131f703996

Parent rev.

Child rev.

[Not reviewed]

stable

0 1 0

Mads Kiilerich - 10 years ago 2015-09-20 22:22:50
madski@unity3d.com

1 file changed with 4 insertions and 1 deletions:

kallithea/controllers/login.py

0 comments (0 inline, 0 general)

kallithea/controllers/login.py

➞

Show inline comments

@@ @@ -67,25 +67,28 @@ class LoginController(BaseController): @@
         if parsed.scheme and parsed.scheme not in allowed_schemes:
             log.error('Suspicious URL scheme detected %s for url %s',
                      parsed.scheme, parsed)
             return False
         if server_parsed.netloc != parsed.netloc:
             log.error('Suspicious NETLOC detected %s for url %s server url '
                       'is: %s' % (parsed.netloc, parsed, server_parsed))
             return False
         return True
     def index(self):
         c.came_from = safe_str(request.GET.pop('came_from', ''))
         if self._validate_came_from(c.came_from):
         if c.came_from:
             if not self._validate_came_from(c.came_from):
                 log.error('Invalid came_from (not server-relative): %r', c.came_from)
                 raise HTTPBadRequest()
             came_from = url(c.came_from, **request.GET)
         else:
             c.came_from = came_from = url('home')
         not_default = self.authuser.username != User.DEFAULT_USER
         ip_allowed = AuthUser.check_ip_allowed(self.authuser, self.ip_addr)
         # redirect if already logged in
         if self.authuser.is_authenticated and not_default and ip_allowed:
             raise HTTPFound(location=came_from)
         if request.POST:

0 comments (0 inline, 0 general)