From 00def145de2498816255959d1aefd285cd5583bf Mon Sep 17 00:00:00 2001
From: Akihiro Motoki <amotoki@gmail.com>
Date: Thu, 27 Jan 2022 04:13:43 +0900
Subject: [PATCH] Address RemovedInDjango40Warning (6)

Django 3.0 renamed is_safe_url() to url_has_allowed_host_and_scheme()
and deprecated is_safe_url().

https: //docs.djangoproject.com/en/4.0/releases/3.0/#deprecated-features-3-0
Change-Id: Ic970a93a2083525139d8741a4150e643264be43b
---
 horizon/workflows/views.py |  7 ++++---
 openstack_auth/views.py    | 15 +++++++++------
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/horizon/workflows/views.py b/horizon/workflows/views.py
index 55c642ac4b..365de3f0f3 100644
--- a/horizon/workflows/views.py
+++ b/horizon/workflows/views.py
@@ -94,9 +94,10 @@ class WorkflowView(hz_views.ModalBackdropMixin, generic.TemplateView):
 
         redirect_to = self.request.GET.get(workflow.redirect_param_name)
         # Make sure the requested redirect is safe
-        if redirect_to and not utils_http.is_safe_url(
-                url=redirect_to,
-                allowed_hosts=[self.request.get_host()]):
+        if (redirect_to and
+                not utils_http.url_has_allowed_host_and_scheme(
+                    url=redirect_to,
+                    allowed_hosts=[self.request.get_host()])):
             redirect_to = None
         context['REDIRECT_URL'] = redirect_to
 
diff --git a/openstack_auth/views.py b/openstack_auth/views.py
index 4e6cbf5702..a342478744 100644
--- a/openstack_auth/views.py
+++ b/openstack_auth/views.py
@@ -285,8 +285,9 @@ def switch(request, tenant_id, redirect_field_name=auth.REDIRECT_FIELD_NAME):
     # Ensure the user-originating redirection url is safe.
     # Taken from django.contrib.auth.views.login()
     redirect_to = request.GET.get(redirect_field_name, '')
-    if not http.is_safe_url(url=redirect_to,
-                            allowed_hosts=[request.get_host()]):
+    if (not http.url_has_allowed_host_and_scheme(
+            url=redirect_to,
+            allowed_hosts=[request.get_host()])):
         redirect_to = settings.LOGIN_REDIRECT_URL
 
     if auth_ref:
@@ -320,8 +321,9 @@ def switch_region(request, region_name,
                   region_name, request.user.username)
 
     redirect_to = request.GET.get(redirect_field_name, '')
-    if not http.is_safe_url(url=redirect_to,
-                            allowed_hosts=[request.get_host()]):
+    if (not http.url_has_allowed_host_and_scheme(
+            url=redirect_to,
+            allowed_hosts=[request.get_host()])):
         redirect_to = settings.LOGIN_REDIRECT_URL
 
     response = shortcuts.redirect(redirect_to)
@@ -351,8 +353,9 @@ def switch_keystone_provider(request, keystone_provider=None,
         raise exceptions.KeystoneAuthException(msg)
 
     redirect_to = request.GET.get(redirect_field_name, '')
-    if not http.is_safe_url(url=redirect_to,
-                            allowed_hosts=[request.get_host()]):
+    if (not http.url_has_allowed_host_and_scheme(
+            url=redirect_to,
+            allowed_hosts=[request.get_host()])):
         redirect_to = settings.LOGIN_REDIRECT_URL
 
     unscoped_auth_ref = None