lp:~jamesh/django-openid-auth/sanitise-url

Created by James Henstridge on 2010-01-25 and last modified on 2010-01-25
Get this branch:
bzr branch lp:~jamesh/django-openid-auth/sanitise-url
Only James Henstridge can upload to this branch. If you are James Henstridge please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
James Henstridge
Project:
django-openid-auth
Status:
Merged

Recent revisions

67. By James Henstridge on 2010-01-25

Remove broken import in django_openid_auth.forms

66. By James Henstridge on 2010-01-25

Move the OPENID_USE_AS_ADMIN_LOGIN code to django_openid_auth.admin so
it only gets imported if the application is actually using
django.contrib.admin.

65. By James Henstridge on 2010-01-25

Add a high level test to show that requests without a "next" parameter pass.

64. By James Henstridge on 2010-01-25

Fix the sanitise_redirect_url function to handle an empty string properly.

Revision 60 changed the behaviour so that empty URLs would be returned
unchanged rather than rewriting to settings.LOGIN_REDIRECT_URL.

This meant that login without a "next" parameter would end up
redirecting back to the login_complete() view. Since the OpenID
response had already been handled, this would look like a replay attack
and the user would be presented with an error.

63. By Dave Walker on 2010-01-22

Option allowing openid for auth into /admin (django.contrib.admin)

62. By Stuart Metcalfe on 2010-01-21

prevents manual assignment of local groups which are bound to remote teams in the user admin ui

61. By Stuart Langridge on 2010-01-21

Add a test for the sanitise_redirect_url function

60. By Stuart Langridge on 2010-01-14

allow a list of permitted external domains to be defined in settings and allow redirects to those external domains as well as local URLs (as before)

59. By Thomas Bechtold on 2010-01-07

add testcase and documentation for auto-map feature

58. By Elliot Murphy on 2010-01-05

New version number since we have a few contributions that need to be
merged and released.

Branch metadata

Branch format:
Branch format 6
Repository format:
Bazaar pack repository format 1 with rich root (needs bzr 1.0)
This branch contains Public information 
Everyone can see this information.

Subscribers