Fix compatibility with Django < 1.4.3
The is_safe_url function used in a previous commit was introduced in Django 1.4.3. I think breaking compatibility with the old version is unnecessary, and Ubuntu has backported the security fixes so I'm hesitant to require a new Django version. This commit moves the function into openstack_auth.utils, and uses it if the Django version is missing.
This commit is contained in:
parent
f6efb0ff31
commit
e9b9c5abff
|
@ -1,3 +1,5 @@
|
|||
import urlparse
|
||||
|
||||
from django.conf import settings
|
||||
from django.contrib import auth
|
||||
from django.contrib.auth.models import AnonymousUser
|
||||
|
@ -103,3 +105,19 @@ def is_ans1_token(token):
|
|||
therefore, we will check for MII only and ignore the case of larger tokens
|
||||
'''
|
||||
return token[:3] == PKI_ANS1_PREFIX
|
||||
|
||||
|
||||
# From django.contrib.auth.views
|
||||
# Added in Django 1.4.3, 1.5b2
|
||||
# Vendored here for compatibility with old Django versions.
|
||||
def is_safe_url(url, host=None):
|
||||
"""
|
||||
Return ``True`` if the url is a safe redirection (i.e. it doesn't point to
|
||||
a different host).
|
||||
|
||||
Always returns ``False`` on an empty url.
|
||||
"""
|
||||
if not url:
|
||||
return False
|
||||
netloc = urlparse.urlparse(url)[1]
|
||||
return not netloc or netloc == host
|
||||
|
|
|
@ -10,10 +10,14 @@ from django.contrib.auth.views import (login as django_login,
|
|||
from django.contrib.auth.decorators import login_required
|
||||
from django.views.decorators.debug import sensitive_post_parameters
|
||||
from django.utils.functional import curry
|
||||
from django.utils.http import is_safe_url
|
||||
from django.views.decorators.cache import never_cache
|
||||
from django.views.decorators.csrf import csrf_protect
|
||||
|
||||
try:
|
||||
from django.utils.http import is_safe_url
|
||||
except ImportError:
|
||||
from .utils import is_safe_url
|
||||
|
||||
from keystoneclient.v2_0 import client as keystone_client
|
||||
from keystoneclient import exceptions as keystone_exceptions
|
||||
|
||||
|
|
Loading…
Reference in New Issue