You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I believe only urls in your app can be added to session['next'] but you should always validate urls before redirecting using something like is_safe_url. It's not hard and definitely worth the extra piece of mind.
I've added the following code to my app...
I do not have a custom unauthorized_handler.
If explicit validation is necessary, is that functionality builtin, or do I need to supply it?
The text was updated successfully, but these errors were encountered: