django http://cgit.adnoto.dev/django.git/atom?h=stable%2F5.2.x 2025-01-13T14:51:21Z 2025-01-13T14:51:21Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2025-01-13T11:01:49Z urn:sha1:23c6effac0c39669e17904165c9762f24b010cc5 2024-05-29T13:48:27Z Jake Howard RealOrangeOne@users.noreply.github.com 2024-05-29T13:48:27Z urn:sha1:ff308a06047cd60806d604a7cf612e5656ee2ac9 This work should not generate any change of functionality, and `urlsplit` is approximately 6x faster. Most use cases of `urlparse` didn't touch the path, so they can be converted to `urlsplit` without any issue. Most of those which do use `.path`, simply parse the URL, mutate the querystring, then put them back together, which is also fine (so long as urlunsplit is used). 2024-05-22T06:51:17Z Hisham Mahmood hishammahmood41@gmail.com 2024-05-05T06:21:28Z urn:sha1:c7fc9f20b49b5889a9a8f47de45165ac443c1a21 Co-authored-by: Adam Johnson <me@adamj.eu> Co-authored-by: Mehmet İnce <mehmet@mehmetince.net> Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> 2023-01-17T10:49:15Z Mariusz Felisiak felisiak.mariusz@gmail.com 2023-01-13T05:03:29Z urn:sha1:9a01311d204ebf23e615a0802cedcc7b6b373826 Per deprecation timeline. 2022-04-20T08:04:29Z Aymeric Augustin aymeric.augustin@m4x.org 2022-04-16T18:27:49Z urn:sha1:5dfa6fca967cd1ba5a0d40013a298b7e52b0822b This also adds a default implementation of get_default_redirect_url(). 2022-04-20T08:04:29Z Aymeric Augustin aymeric.augustin@m4x.org 2022-04-16T18:21:29Z urn:sha1:04bc2564b6e0a1a0f75bb5f015e47c96c86fa0be This preserves the behavior of redirecting to the logout URL without query string parameters when an insecure ?next=... parameter is given. It changes the behavior of a POST to the logout URL, as shown by the test that is changed. Currently, this results in a GET to the logout URL. However, such GET requests are deprecated. This change would be necessary in Django 5.0 anyway. This commit merely anticipates it. 2022-04-20T08:04:29Z Aymeric Augustin aymeric.augustin@m4x.org 2022-04-16T17:36:59Z urn:sha1:5fcd9b8c3383e2ab20c1573b44131105654b99d0 This might change the behavior when self.next_page == "". However, resolve_url(self.next_page) would almost certainly fail in that case. It is technically possible to define a logout URLpattern whose name is "": path('logout/', LogoutView.as_view(), name=''), and then to refer to this pattern with next_page = "". However this feels like a pathological case, so we decided not to handle it. Most checks on next_page, LOGIN_REDIRECT_URL, and LOGOUT_REDIRECT_URL are performed with boolean evaluation rather than comparison with None. That's why we standardizing that way. 2022-04-20T08:04:29Z Aymeric Augustin aymeric.augustin@m4x.org 2022-04-16T16:53:46Z urn:sha1:5b8699e723d9daf373fff46c6859fed2b780a9bd This aligns it with LoginView. Also, it removes confusion with the get_next_page() method of paginators. get_next_page() was a private API, therefore this refactoring is allowed. 2022-04-20T08:04:29Z Aymeric Augustin aymeric.augustin@m4x.org 2022-04-16T16:37:34Z urn:sha1:12576bd371c96fcc92f47a3df806531ff10450c6 This also renames SuccessURLAllowedHostsMixin to RedirectURLMixin. This doesn't change the behavior of LogoutView.get_next_page() because next_page == "" implies url_is_safe == False before the refactoring. 2022-04-19T04:25:38Z Aymeric Augustin aymeric.augustin@m4x.org 2022-04-16T16:35:30Z urn:sha1:903702dfb1461cbb4ab93f841651e6882a72d337 The default argument is unnecessary because url_has_allowed_host_and_scheme() returns False when its first argument is "" or None, so get_redirect_url() still returns "". This also aligns LoginView.get_redirect_url() and LogoutView.get_next_page().