marcel/linkding
1
0
Fork 0
mirror of https://github.com/sissbruecker/linkding.git synced 2025-08-08 03:08:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Prevent external redirects

Browse Source
This commit is contained in:
Sascha Ißbrücker
2022-03-25 18:29:54 +01:00
parent 1ffc3e0266
commit edb71286e7
11 changed files with 94 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
bookmarks/tests/test_bookmark_new_view.py
View File

@@ -73,6 +73,13 @@ class BookmarkNewViewTestCase(TestCase, BookmarkFactoryMixin):
self.assertRedirects(response, reverse('bookmarks:index'))
def test_should_not_redirect_to_external_url(self):
form_data = self.create_form_data()
response = self.client.post(reverse('bookmarks:new') + '?return_url=https://example.com', form_data)
self.assertRedirects(response, reverse('bookmarks:index'))
def test_auto_close_should_redirect_to_close_view(self):
form_data = self.create_form_data({'auto_close': 'true'})