Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Fix bug [#19277]: LocaleMiddleware permanent redirects #522

Closed
wants to merge 1 commit into
from

Conversation

Projects
None yet
1 participant
Contributor

EmilStenstrom commented Nov 17, 2012

https://code.djangoproject.com/ticket/19277#comment:3

"We're sprinting (Stockholm) at the moment and plan to solve this bug like this:

Instead of setting a status_code attribute, we would like to use a redirect_class. The reason for this is that HttpResponseRedirectBase has built in protection against unsafe protocol redirections. If we use a HttpResponse object and let the user supply their own status code they will probably miss that security issue, which would be a shame."

Authors: @pelme and @EmilStenstrom

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment