OpenID login doesn't preserve the ?next= parameter

Anonymous avatarAnonymous created an issue

If I'm at this page:

http://metaward.com/accounts/signin/?next=/alias/add%3Falias%3Dhttp%253A//kongregate.com/accounts/catchbumps

and I login with openid, I end up at this page :

http://metaward.com/accounts/register/?next=%2Fs%2Fme

I think this stems from line 253 in views.py

if not redirect_to or '' in redirect_to or ' ' in redirect_to:

since I have a in my redirect_to link.

I think you are trying to make sure the redirect is actually on this host. You already have a "clean_next" in the utils, why isn't it used here?

Comments (4)

  1. Paul Tarjan

    The patch is to do this to every line that has the double slash check

            redirect_to = clean_next(redirect_to)
            # if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
            #     redirect_to = settings.LOGIN_REDIRECT_URL
    
  2. Benoit Chesneau
    • changed status to open

    hum I'm not sure about this. I don't use clean_next in signong function to redirect on LOGIN_REDIRECT_URL . But maybe I'm wrong. Is this a bug or an improment ?

  3. Log in to comment
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.