[英]DisallowedRedirect (Unsafe redirect to URL with protocol) Django
I am getting DisallowedRedirect error when i am logging user in The two views are当我登录用户时出现 DisallowedRedirect 错误 这两个视图是
def login(request):
c={}
c.update(csrf(request))
form=LoginForm()
errors=()
c['form']=form
c['errors']=errors
return render(request,'news/login.html',c)
def auth_view(request):
username=request.POST.get('username','')
password=request.POST.get('password','')
user=auth.authenticate(username=username,password=password)
if user is not None:
auth.login(request,user)
return HttpResponseRedirect('news:home',request)
else:
form=LoginForm()
errors=('Invalid Username or Password',)
return render(request,'news/login.html', {'form':form,'errors':errors})
instead of代替
return HttpResponseRedirect('news:home',request)
this:这个:
return HttpResponseRedirect(reverse('news:home'))
or要么
return redirect('news:home')
or要么
return redirect(reverse('news:home'))
HttpResponseRedirect.allowed_schemes.append('news') HttpResponseRedirect.allowed_schemes.append('新闻')
In addition to the current answers if you want to redirect to an custom scheme, you can use following code:如果要重定向到自定义方案,除了当前答案之外,还可以使用以下代码:
class CustomSchemeRedirect(HttpResponsePermanentRedirect):
allowed_schemes = ['tg']
def redirect(request):
return CustomSchemeRedirect('tg://resolve?domain=durov')
Make sure that when you get this error you have the correct scheme supplied in front of your URL.确保当您收到此错误时,您在 URL 前面提供了正确的方案。 By default the
django.http.HttpResponseRedirect
does not allow redirects to URLs that don't start with one of the following schemes:默认情况下,
django.http.HttpResponseRedirect
不允许重定向到不以以下方案之一开头的 URL:
So if the URL you supply is, for example, localhost:8000
make sure you change it to http://localhost:8000
to get it to work.因此,如果您提供的 URL 是,例如,
localhost:8000
,请确保将其更改为http://localhost:8000
以使其正常工作。
Don't forget that apart from enabling the redirect, nowadays Safari won't open your redirected deep links unless you do the work outlined here: https://developer.apple.com/documentation/xcode/supporting-associated-domains不要忘记,除了启用重定向之外,如今 Safari 不会打开重定向的深层链接,除非您执行此处列出的工作: https ://developer.apple.com/documentation/xcode/supporting-associated-domains
path('.well-known/apple-app-site-association', views.web.links.appleAppSiteAssociation, name='.well-known/apple-app-site-association'),
def appleAppSiteAssociation(request_):
"""
Tell Apple that certain URL patterns can open the app
:param request_:
:return:
"""
json = {
"applinks": {
"details": [
{
"appIDs": ["MY.APP.BUNDLEID"],
"components": [
{
"#": "no_universal_links",
"exclude": True,
"comment": "Matches any URL whose fragment equals no_universal_links and instructs the system not to open it as a universal link"
},
{
"/": "/dataUrl=*",
"comment": "Matches any URL whose path starts with /dataUrl="
},
]
}
]
},
"webcredentials": {
"apps": ["MY.APP.BUNDLEID"]
},
}
return JsonResponse(json)
webcredentials:MYPROTOCOL
into the Associated Domains in XCodewebcredentials:MYPROTOCOL
添加到 XCode 的关联域中
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.