Merge "Escape unicode characters when setting logout_reason cookie"
This commit is contained in:
commit
6c2a98c9fe
@ -52,13 +52,13 @@
|
||||
</p>
|
||||
</div>
|
||||
{% endif %}
|
||||
{% if request.COOKIES.logout_reason %}
|
||||
{% if request.COOKIES.logout_status == "success" %}
|
||||
{% if logout_reason %}
|
||||
{% if logout_status == "success" %}
|
||||
<div class="form-group clearfix error help-block alert alert-success" id="logout_reason">
|
||||
{% else %}
|
||||
<div class="form-group clearfix error help-block alert alert-danger" id="logout_reason">
|
||||
{% endif %}
|
||||
<p>{{ request.COOKIES.logout_reason }}</p>
|
||||
<p>{{ logout_reason }}</p>
|
||||
</div>
|
||||
{% endif %}
|
||||
{% if csrf_failure %}
|
||||
|
@ -31,13 +31,13 @@
|
||||
</div>
|
||||
{%endif%}
|
||||
<fieldset hz-login-finder>
|
||||
{% if request.COOKIES.logout_reason %}
|
||||
{% if request.COOKIES.logout_status == "success" %}
|
||||
{% if logout_reason %}
|
||||
{% if logout_status == "success" %}
|
||||
<div class="form-group clearfix error help-block alert alert-success" id="logout_reason">
|
||||
{% else %}
|
||||
<div class="form-group clearfix error help-block alert alert-danger" id="logout_reason">
|
||||
{% endif %}
|
||||
<p>{{ request.COOKIES.logout_reason }}</p>
|
||||
<p>{{ logout_reason }}</p>
|
||||
</div>
|
||||
{% endif %}
|
||||
{% include "horizon/common/_form_fields.html" %}
|
||||
|
@ -43,7 +43,7 @@ def add_logout_reason(request, response, reason, status='success'):
|
||||
# Store the translated string in the cookie
|
||||
lang = translation.get_language_from_request(request)
|
||||
with translation.override(lang):
|
||||
reason = str(reason)
|
||||
reason = force_text(reason).encode('unicode_escape').decode('ascii')
|
||||
response.set_cookie('logout_reason', reason, max_age=10)
|
||||
response.set_cookie('logout_status', status, max_age=10)
|
||||
|
||||
|
@ -66,6 +66,11 @@ def get_csrf_reason(reason):
|
||||
return reason
|
||||
|
||||
|
||||
def set_logout_reason(res, msg):
|
||||
msg = msg.encode('unicode_escape').decode('ascii')
|
||||
res.set_cookie('logout_reason', msg, max_age=10)
|
||||
|
||||
|
||||
# TODO(stephenfin): Migrate to CBV
|
||||
@sensitive_post_parameters()
|
||||
@csrf_protect
|
||||
@ -122,6 +127,9 @@ def login(request):
|
||||
|
||||
choices = settings.WEBSSO_CHOICES
|
||||
reason = get_csrf_reason(request.GET.get('csrf_failure'))
|
||||
logout_reason = request.COOKIES.get(
|
||||
'logout_reason', '').encode('ascii').decode('unicode_escape')
|
||||
logout_status = request.COOKIES.get('logout_status')
|
||||
extra_context = {
|
||||
'redirect_field_name': auth.REDIRECT_FIELD_NAME,
|
||||
'csrf_failure': reason,
|
||||
@ -131,6 +139,8 @@ def login(request):
|
||||
'single_value': '',
|
||||
'label': '',
|
||||
},
|
||||
'logout_reason': logout_reason,
|
||||
'logout_status': logout_status,
|
||||
}
|
||||
|
||||
if request.is_ajax():
|
||||
@ -150,7 +160,7 @@ def login(request):
|
||||
res = django_http.HttpResponseRedirect(
|
||||
reverse('password', args=[exc.user_id]))
|
||||
msg = _("Your password has expired. Please set a new password.")
|
||||
res.set_cookie('logout_reason', msg, max_age=10)
|
||||
set_logout_reason(res, msg)
|
||||
|
||||
# Save the region in the cookie, this is used as the default
|
||||
# selected region next time the Login form loads.
|
||||
@ -201,7 +211,7 @@ def websso(request):
|
||||
else:
|
||||
msg = 'Login failed: %s' % exc
|
||||
res = django_http.HttpResponseRedirect(settings.LOGIN_URL)
|
||||
res.set_cookie('logout_reason', msg, max_age=10)
|
||||
set_logout_reason(res, msg)
|
||||
return res
|
||||
|
||||
auth_user.set_session_from_user(request, request.user)
|
||||
@ -373,7 +383,7 @@ def switch_keystone_provider(request, keystone_provider=None,
|
||||
except exceptions.KeystoneAuthException as exc:
|
||||
msg = 'Keystone provider switch failed: %s' % exc
|
||||
res = django_http.HttpResponseRedirect(settings.LOGIN_URL)
|
||||
res.set_cookie('logout_reason', msg, max_age=10)
|
||||
set_logout_reason(res, msg)
|
||||
return res
|
||||
auth.login(request, request.user)
|
||||
auth_user.set_session_from_user(request, request.user)
|
||||
@ -403,5 +413,5 @@ class PasswordView(edit_views.FormView):
|
||||
# We have no session here, so regular messages don't work.
|
||||
msg = _('Password changed. Please log in to continue.')
|
||||
res = django_http.HttpResponseRedirect(self.success_url)
|
||||
res.set_cookie('logout_reason', msg, max_age=10)
|
||||
set_logout_reason(res, msg)
|
||||
return res
|
||||
|
Loading…
Reference in New Issue
Block a user