Permalink
Browse files

Merge pull request #19 from tearnon/master

Redirect to refer.
  • Loading branch information...
2 parents 979c57b + 1a73b76 commit 72994a6b1c3cc2df75b2c2fee8101a116594f51a @livid committed Jan 20, 2012
Showing with 10 additions and 1 deletion.
  1. +9 −1 main.py
  2. +1 −0 tpl/desktop/signin.html
View
@@ -330,6 +330,9 @@ def get(self):
template_values['l10n'] = l10n
errors = 0
template_values['errors'] = errors
+
+ template_values['next'] = self.request.referer
+
if browser['ios']:
path = os.path.join(os.path.dirname(__file__), 'tpl', 'mobile', 'signin.html')
else:
@@ -360,7 +363,12 @@ def post(self):
if (q.count() == 1):
member = q[0]
self.response.headers['Set-Cookie'] = 'auth=' + member.auth + '; expires=' + (datetime.datetime.now() + datetime.timedelta(days=365)).strftime("%a, %d-%b-%Y %H:%M:%S GMT") + '; path=/'
- self.redirect('/')
+ next = self.request.get('next').strip()
+ host = self.request.host + '/'
+ if next.rfind(host)>0 and not next.rfind('/sign'):
+ self.redirect(next)
+ else:
+ self.redirect('/')
else:
errors = 2
else:
@@ -32,6 +32,7 @@
</td>
<td width="200" align="left">
<input type="password" class="sl" name="p" value="{{ p|escape }}" />
+ <input type="hidden" value="{{next}}" class="sl" name="next" />
</td>
</tr>
<tr>

0 comments on commit 72994a6

Please sign in to comment.