Show More
| @@ -76,7 +76,10 b' class LoginController(BaseController):' | |||
|
|
76 | 76 | |
|
|
77 | 77 | def index(self): |
|
|
78 | 78 | c.came_from = safe_str(request.GET.pop('came_from', '')) |
|
|
79 |
if |
|
|
|
79 | if c.came_from: | |
|
|
80 | if not self._validate_came_from(c.came_from): | |
|
|
81 | log.error('Invalid came_from (not server-relative): %r', c.came_from) | |
|
|
82 | raise HTTPBadRequest() | |
|
|
80 | 83 | came_from = url(c.came_from, **request.GET) |
|
|
81 | 84 | else: |
|
|
82 | 85 | c.came_from = came_from = url('home') |
General Comments 0
You need to be logged in to leave comments.
Login now