mirror of
https://github.com/bookwyrm-social/bookwyrm.git
synced 2024-06-03 05:49:35 +00:00
2de115fc1e
In most cases, we want to return back to where we came from after performing an action. It's not safe to return to an arbitrary referer, so this streamlines using the util validator to verify the redirect and fall back on regular redirect params if the referer is outside our domain.
20 lines
403 B
Python
20 lines
403 B
Python
"""Validations"""
|
|
from bookwyrm.settings import DOMAIN, USE_HTTPS
|
|
|
|
|
|
def validate_url_domain(url):
|
|
"""Basic check that the URL starts with the instance domain name"""
|
|
if not url:
|
|
return None
|
|
|
|
if url == "/":
|
|
return url
|
|
|
|
protocol = "https://" if USE_HTTPS else "http://"
|
|
origin = f"{protocol}{DOMAIN}"
|
|
|
|
if url.startswith(origin):
|
|
return url
|
|
|
|
return None
|