Skip to content

Commit 28b6a04

Browse files
bmispelonfelixxm
bmispelon
authored and
felixxm
committed
Updated to Django 3.2.
This also fixes is_safe_url() deprecation warnings.
1 parent 2097f46 commit 28b6a04

File tree

3 files changed

+16
-7
lines changed

3 files changed

+16
-7
lines changed

.github/workflows/tests.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,8 @@ jobs:
2424
python-version: '3.8'
2525
- run: pip install "tinycss2>=1.2.0"
2626
- run: python noshadows.py --tests
27+
env:
28+
PYTHONWARNINGS: error
2729

2830
tracdjangoplugin:
2931
runs-on: ubuntu-20.04
@@ -39,6 +41,7 @@ jobs:
3941
run: python -m django test tracdjangoplugin.tests
4042
env:
4143
DJANGO_SETTINGS_MODULE: tracdjangoplugin.settings_tests
44+
PYTHONWARNINGS: error
4245

4346
traccheck:
4447
runs-on: ubuntu-20.04
@@ -53,6 +56,8 @@ jobs:
5356
- run: python traccheck.py lint trac-env/
5457
env:
5558
DJANGO_SETTINGS_MODULE: tracdjangoplugin.settings_tests
59+
PYTHONWARNINGS: error
5660
- run: python traccheck.py components --check .TRACFREEZE.txt trac-env/
5761
env:
5862
DJANGO_SETTINGS_MODULE: tracdjangoplugin.settings_tests
63+
PYTHONWARNINGS: error

DjangoPlugin/tracdjangoplugin/plugins.py

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,8 @@
1111

1212
from django.conf import settings
1313
from django.contrib.auth.forms import AuthenticationForm
14-
from django.utils.http import is_safe_url
14+
from django.utils.encoding import iri_to_uri
15+
from django.utils.http import url_has_allowed_host_and_scheme
1516

1617

1718
class CustomTheme(Component):
@@ -135,11 +136,14 @@ def do_post(self, req):
135136

136137
def _get_safe_redirect_url(self, req):
137138
host = urlparse(req.base_url).hostname
138-
redirect_url = req.args.get("next", "") or settings.LOGIN_REDIRECT_URL
139-
if is_safe_url(redirect_url, allowed_hosts=[host]):
140-
return redirect_url
141-
else:
142-
return settings.LOGIN_REDIRECT_URL
139+
redirect_url = iri_to_uri(req.args.get("next", ""))
140+
141+
if not redirect_url:
142+
redirect_url = settings.LOGIN_REDIRECT_URL
143+
elif not url_has_allowed_host_and_scheme(redirect_url, allowed_hosts=[host]):
144+
redirect_url = settings.LOGIN_REDIRECT_URL
145+
146+
return redirect_url
143147

144148

145149
class ReservedUsernamesComponent(Component):

requirements.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
# spam-filter doesn't work without babel (but somehow doesn't list it in its requirements)
22
Trac[pygments, babel]==1.6.0
33
psycopg2==2.9.9 --no-binary=psycopg2
4-
Django==1.11.29
4+
Django==3.2.24
55
libsass==0.23.0
66

77
# Trac plugins

0 commit comments

Comments
 (0)