Hello, ––

Currently, if no credentials are submitted, the
``RedirectingFormPlugin`` still redirects to "came_from" or
HTTP_REFERER.  That means that if a user visits the login-url
directly, he'll be redirected to wherever he came from (no-where).

This behavior is tested of course, so it's obviously intentional, but
what's the motivation?

Also, should it be possible to login using a GET request? Could this
be an alternative policy for choosing when to redirect.

Repoze-dev mailing list

Reply via email to