Created by James Henstridge on 2010-01-25 and last modified on 2010-01-25
Get this branch:
bzr branch lp:~jamesh/django-openid-auth/sanitise-url
Only James Henstridge can upload to this branch. If you are James Henstridge please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

James Henstridge

Recent revisions

67. By James Henstridge on 2010-01-25

Remove broken import in django_openid_auth.forms

66. By James Henstridge on 2010-01-25

Move the OPENID_USE_AS_ADMIN_LOGIN code to django_openid_auth.admin so
it only gets imported if the application is actually using

65. By James Henstridge on 2010-01-25

Add a high level test to show that requests without a "next" parameter pass.

64. By James Henstridge on 2010-01-25

Fix the sanitise_redirect_url function to handle an empty string properly.

Revision 60 changed the behaviour so that empty URLs would be returned
unchanged rather than rewriting to settings.LOGIN_REDIRECT_URL.

This meant that login without a "next" parameter would end up
redirecting back to the login_complete() view. Since the OpenID
response had already been handled, this would look like a replay attack
and the user would be presented with an error.

63. By Dave Walker on 2010-01-22

Option allowing openid for auth into /admin (django.contrib.admin)

62. By Stuart Metcalfe on 2010-01-21

prevents manual assignment of local groups which are bound to remote teams in the user admin ui

61. By Stuart Langridge on 2010-01-21

Add a test for the sanitise_redirect_url function

60. By Stuart Langridge on 2010-01-14

allow a list of permitted external domains to be defined in settings and allow redirects to those external domains as well as local URLs (as before)

59. By Thomas Bechtold on 2010-01-07

add testcase and documentation for auto-map feature

58. By Elliot Murphy on 2010-01-05

New version number since we have a few contributions that need to be
merged and released.

Branch metadata

Branch format:
Branch format 6
Repository format:
Bazaar pack repository format 1 with rich root (needs bzr 1.0)
This branch contains Public information 
Everyone can see this information.