Address RemovedInDjango40Warning (6)

Django 3.0 renamed is_safe_url() to url_has_allowed_host_and_scheme() and deprecated is_safe_url(). https: //docs.djangoproject.com/en/4.0/releases/3.0/#deprecated-features-3-0 Change-Id: Ic970a93a2083525139d8741a4150e643264be43b
2022-01-27 04:13:43 +09:00 · 2022-01-27 04:13:43 +09:00 · 00def145de
parent 94216e027d
commit 00def145de
2 changed files with 13 additions and 9 deletions
--- a/horizon/workflows/views.py
+++ b/horizon/workflows/views.py
@ -94,9 +94,10 @@ class WorkflowView(hz_views.ModalBackdropMixin, generic.TemplateView):

        redirect_to = self.request.GET.get(workflow.redirect_param_name)
        # Make sure the requested redirect is safe
-        if redirect_to and not utils_http.is_safe_url(
-                url=redirect_to,
-                allowed_hosts=[self.request.get_host()]):
+        if (redirect_to and
+                not utils_http.url_has_allowed_host_and_scheme(
+                    url=redirect_to,
+                    allowed_hosts=[self.request.get_host()])):
            redirect_to = None
        context['REDIRECT_URL'] = redirect_to

--- a/openstack_auth/views.py
+++ b/openstack_auth/views.py
@ -285,8 +285,9 @@ def switch(request, tenant_id, redirect_field_name=auth.REDIRECT_FIELD_NAME):
    # Ensure the user-originating redirection url is safe.
    # Taken from django.contrib.auth.views.login()
    redirect_to = request.GET.get(redirect_field_name, '')
-    if not http.is_safe_url(url=redirect_to,
-                            allowed_hosts=[request.get_host()]):
+    if (not http.url_has_allowed_host_and_scheme(
+            url=redirect_to,
+            allowed_hosts=[request.get_host()])):
        redirect_to = settings.LOGIN_REDIRECT_URL

    if auth_ref:
@ -320,8 +321,9 @@ def switch_region(request, region_name,
                  region_name, request.user.username)

    redirect_to = request.GET.get(redirect_field_name, '')
-    if not http.is_safe_url(url=redirect_to,
-                            allowed_hosts=[request.get_host()]):
+    if (not http.url_has_allowed_host_and_scheme(
+            url=redirect_to,
+            allowed_hosts=[request.get_host()])):
        redirect_to = settings.LOGIN_REDIRECT_URL

    response = shortcuts.redirect(redirect_to)
@ -351,8 +353,9 @@ def switch_keystone_provider(request, keystone_provider=None,
        raise exceptions.KeystoneAuthException(msg)

    redirect_to = request.GET.get(redirect_field_name, '')
-    if not http.is_safe_url(url=redirect_to,
-                            allowed_hosts=[request.get_host()]):
+    if (not http.url_has_allowed_host_and_scheme(
+            url=redirect_to,
+            allowed_hosts=[request.get_host()])):
        redirect_to = settings.LOGIN_REDIRECT_URL

    unscoped_auth_ref = None