Show More
| @@ -76,7 +76,10 b' class LoginController(BaseController):' | |||||
| 76 |
|
76 | |||
| 77 | def index(self): |
|
77 | def index(self): | |
| 78 | c.came_from = safe_str(request.GET.pop('came_from', '')) |
|
78 | c.came_from = safe_str(request.GET.pop('came_from', '')) | |
| 79 |
if |
|
79 | if c.came_from: | |
|
|
80 | if not self._validate_came_from(c.came_from): | |||
|
|
81 | log.error('Invalid came_from (not server-relative): %r', c.came_from) | |||
|
|
82 | raise HTTPBadRequest() | |||
| 80 | came_from = url(c.came_from, **request.GET) |
|
83 | came_from = url(c.came_from, **request.GET) | |
| 81 | else: |
|
84 | else: | |
| 82 | c.came_from = came_from = url('home') |
|
85 | c.came_from = came_from = url('home') | |
General Comments 0
You need to be logged in to leave comments.
Login now