Commit 5ba1d0d

committed

Fix next url encoding error

Next URLs where not properly encoded and could pass the wrong information

1 parent 6485a39 commit 5ba1d0dCopy full SHA for 5ba1d0d

File tree

+19

-2

lines changed

+19

-2

lines changed

Lines changed: 3 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,11 +1,12 @@`
	`1`	`+import urllib`
	`2`	`+`
`1`	`3`	`from django import forms`
`2`	`4`	`from django.contrib.auth import get_user_model`
`3`	`5`	`from django.contrib.sites.shortcuts import get_current_site`
`4`	`6`	`from django.core.mail import EmailMultiAlternatives`
`5`	`7`	`from django.db import connection`
`6`	`8`	`from django.template import TemplateDoesNotExist, loader`
`7`	`9`	`from django.urls import reverse`
`8`		`-from django.utils.encoding import iri_to_uri`
`9`	`10`
`10`	`11`	`from mailauth.backends import MailAuthBackend`
`11`	`12`
`@@ -34,7 +35,7 @@ def get_login_url(self, request, token, next=None):`
`34`	`35`	`path=reverse("mailauth:login-token", kwargs={"token": token}),`
`35`	`36`	`)`
`36`	`37`	`if next is not None:`
`37`		`- url += "?next=%s" % iri_to_uri(next)`
	`38`	`+ url += "?next=%s" % urllib.parse.quote(next)`
`38`	`39`	`return url`
`39`	`40`
`40`	`41`	`def get_token(self, user):`

Lines changed: 16 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -11,6 +11,22 @@ def test_save(self):`
`11`	`11`
`12`	`12`
`13`	`13`	`class TestEmailLoginForm:`
	`14`	`+ def test_get_login_url(self, rf):`
	`15`	`+ request = rf.get("/")`
	`16`	`+ form = EmailLoginForm(request=request)`
	`17`	`+ assert (`
	`18`	`+ form.get_login_url(request, "TOKEN")`
	`19`	`+ == "http://testserver/accounts/login/TOKEN"`
	`20`	`+ )`
	`21`	`+ assert (`
	`22`	`+ form.get_login_url(`
	`23`	`+ request,`
	`24`	`+ "TOKEN",`
	`25`	`+ next="/path/?utm_source=website&utm_medium=email#some-anchor",`
	`26`	`+ )`
	`27`	`+ == "http://testserver/accounts/login/TOKEN?next=/path/%3Futm_source%3Dwebsite%26utm_medium%3Demail%23some-anchor"`
	`28`	`+ )`
	`29`	`+`
`14`	`30`	`def test_send_mail__html_template(self):`
`15`	`31`	`class MyEmailLoginForm(EmailLoginForm):`
`16`	`32`	`html_email_template_name = EmailLoginForm.email_template_name`

Comments

(0)