Created
August 17, 2015 13:46
from urlparse import urlparse, urljoin

from flask import request, url_for, redirect

from myapp.app import app
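def is_safe_url(target):
    """Decide whether ``target`` may be used as a redirect destination.

    ``target`` is resolved against ``request.host_url``. It is accepted when
    the resolved URL uses http/https and has the same netloc as the current
    host, or when its scheme is ``mobile``.

    Callers redirect to the raw ``target`` string, not to the parsed form, so
    the check has to hold for the URL a browser will actually follow. Browsers
    treat backslashes as slashes, drop surrounding whitespace and embedded
    control characters, and collapse extra leading slashes; ``urlparse`` does
    none of that. Strings relying on those differences are refused outright
    rather than normalised. This narrows the gap but is not an exhaustive
    URL validator.

    :param target: candidate redirect URL, typically the ``next`` parameter.
    :returns: ``True`` if the redirect may be followed, ``False`` otherwise.
    """
    if target:
        # Surrounding whitespace and backslashes change meaning in a browser.
        if target != target.strip() or '\\' in target:
            return False
        # Three or more leading slashes parse as a local path here but are
        # read as a host by browsers.
        if target.startswith('///'):
            return False
        # Control characters (including tab/CR/LF) are dropped by browsers and
        # have no place in a Location header.
        if any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in target):
            return False

    ref_url = urlparse(request.host_url)
    test_url = urlparse(urljoin(request.host_url, target))

    # NOTE(review): every URL with the ``mobile`` scheme is accepted, whatever
    # follows the scheme. Presumably an app deep link -- confirm the client
    # only acts on expected paths, or allow-list them here.
    if test_url.scheme == 'mobile':
        return True

    return (test_url.scheme in ('http', 'https') and
            ref_url.netloc == test_url.netloc)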
def get_redirect_target():
    """Return the request's ``next`` value if ``is_safe_url`` accepts it.

    ``next`` is read from ``request.values``. Returns ``None`` when the
    parameter is missing, empty, or rejected by ``is_safe_url``.
    """
    candidate = request.values.get('next')
    if not candidate:
        return None
    if not is_safe_url(candidate):
        return None
    return candidate
def handle_redirect(target, endpoint=None, **values):
    """Redirect to ``target`` if it is safe, otherwise to a fallback view.

    :param target: candidate redirect URL; may be empty or ``None``.
    :param endpoint: fallback endpoint name; when ``None`` the value of the
        ``INDEX_VIEW`` key in ``app.config`` is used.
    :param values: keyword arguments passed to ``url_for`` for the fallback.
    :returns: the response produced by ``redirect``.
    """
    # Only a non-empty target that passes is_safe_url is followed as given.
    if target and is_safe_url(target):
        return redirect(target)

    if endpoint is None:
        endpoint = app.config.get('INDEX_VIEW')
    fallback = url_for(endpoint, **values)
    return redirect(fallback)
def redirect_back(endpoint=None, **values):
    """Redirect to the query-string ``next`` URL via ``handle_redirect``.

    :param endpoint: fallback endpoint name forwarded to ``handle_redirect``.
    :param values: keyword arguments forwarded to ``handle_redirect``.
    :returns: the response produced by ``handle_redirect``.
    """
    # NOTE(review): reads ``next`` from request.args only, whereas
    # get_redirect_target reads request.values -- confirm this is intended.
    next_url = request.args.get('next')
    return handle_redirect(next_url, endpoint=endpoint, **values)