Next url mixin witch doesn't redirect to external website
Project description
Next url mixin which doesn’t is safe to phishing attacks
Naive implementation of the next URL mechanism is vulnerable to phishing attacks. This implementation aims to 1) raise awareness of that 2) provide safe implementation (possibly seen by more eyes)
The mixin does it’s work in form_valid() function, so it can be used for offspring of FormView or simillar view classes.
Documentation
The full documentation is at https://django-next-url-mixin.readthedocs.io.
Quickstart
Install Django next url mixin:
pip install django-next-url-mixin
Use it in your views:
from django.views.generic.edit import FormView
from next_url_mixin import NextUrlMixin
class MyView(NextUrlMixin, FormView):
# If you are overriding form_valid(), don't forgot to return the super value with the redirect to the new url
def form_valid(self, *args, **kwargs):
return_value = super().form_valid(*args, **kwargs)
return return_value
Running Tests
Does the code actually work?
source <YOURVIRTUALENV>/bin/activate (myenv) $ pip install tox (myenv) $ tox
Credits
Tools used in rendering this package:
History
0.1.0 (2020-06-12)
First release on PyPI.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file django-next-url-mixin-0.1.0.tar.gz
.
File metadata
- Download URL: django-next-url-mixin-0.1.0.tar.gz
- Upload date:
- Size: 17.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: Python-urllib/3.8
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3df25779f9cba58740f6e071c1d2283c4bd492aabac37aa000d4ac35426ab684 |
|
MD5 | f54b78b27faa51f8258a5721f795eb48 |
|
BLAKE2b-256 | cd1ccc4b73592b7ed1187a5ff19629f3f1634e60a219e0dd238dbc2dbed0c3cc |