Skip to main content

Next url mixin witch doesn't redirect to external website

Project description

https://badge.fury.io/py/django-next-url-mixin.svg https://travis-ci.org/PetrDlouhy/django-next-url-mixin.svg?branch=master https://codecov.io/gh/PetrDlouhy/django-next-url-mixin/branch/master/graph/badge.svg

Next url mixin which doesn’t is safe to phishing attacks

Naive implementation of the next URL mechanism is vulnerable to phishing attacks. This implementation aims to 1) raise awareness of that 2) provide safe implementation (possibly seen by more eyes)

The mixin does it’s work in form_valid() function, so it can be used for offspring of FormView or simillar view classes.

Documentation

The full documentation is at https://django-next-url-mixin.readthedocs.io.

Quickstart

Install Django next url mixin:

pip install django-next-url-mixin

Use it in your views:

from django.views.generic.edit import FormView
from next_url_mixin import NextUrlMixin

class MyView(NextUrlMixin, FormView):

    # If you are overriding form_valid(), don't forgot to return the super value with the redirect to the new url
    def form_valid(self, *args, **kwargs):
        return_value = super().form_valid(*args, **kwargs)
        return return_value

Running Tests

Does the code actually work?

source <YOURVIRTUALENV>/bin/activate
(myenv) $ pip install tox
(myenv) $ tox

Credits

Tools used in rendering this package:

History

0.1.0 (2020-06-12)

  • First release on PyPI.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-next-url-mixin-0.1.0.tar.gz (17.7 kB view details)

Uploaded Source

File details

Details for the file django-next-url-mixin-0.1.0.tar.gz.

File metadata

File hashes

Hashes for django-next-url-mixin-0.1.0.tar.gz
Algorithm Hash digest
SHA256 3df25779f9cba58740f6e071c1d2283c4bd492aabac37aa000d4ac35426ab684
MD5 f54b78b27faa51f8258a5721f795eb48
BLAKE2b-256 cd1ccc4b73592b7ed1187a5ff19629f3f1634e60a219e0dd238dbc2dbed0c3cc

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page