#17296: staff_login_required decorator redirecting to default Login redirect
instead of requested
-------------------------------+--------------------
Reporter: ayarshabeer | Owner: nobody
Type: Bug | Status: new
Component: HTTP handling | Version: 1.3
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------+--------------------
While I am trying to access staff_required URL in the application it will
shows admin login page but after I given login credential it redirect to
default login redirect page (account/profile) instead of my requested
staff page.
After I went through the django code I found that in login_required
decorator (django/contrib/auth/views) there is checking for host
''' netloc = urlparse.urlparse(redirect_to)[1]
'''
# Use default setting if redirect_to is empty
if not redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
# Security check -- don't allow redirection to a different
# host.
''' elif netloc and netloc != request.get_host():
redirect_to = settings.LOGIN_REDIRECT_URL'''
but this never succeed because staff_required decorator passing
redirect_to value as request_full_path() and it doesnot contain host name.
--
Ticket URL: <https://code.djangoproject.com/ticket/17296>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
