Please sign in to comment.
[1.1.X] Fixed #11457: tightened the security check for "next" redirec…
…ts after logins. The new behavior still disallows redirects to off-site URLs, but now allows redirects of the form `/some/other/view?foo=http://...`. Thanks to brutasse. Backport of  from trunk. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@12636 bcc190cf-cafb-0310-a4f2-bffc1f526a37
- Loading branch information...
Showing with 62 additions and 4 deletions.