openstack/horizon
Code Issues Proposed changes
beed6bf6f6
horizon/openstack_dashboard
History
manchandavishal beed6bf6f6 Fix success_url parameter issue for Edit Snapshot 
The "success_url" param is used when updating the project snapshot
[1] and it lacks sanitizing the input URL that allows an attacker to
redirect the user to another website. This patch update 'Updateview'
class to not use the "sucess_url" method.

Closes-bug: #1982676

[1] https://github.com/openstack/horizon/blob/master/openstack_dashboard/dashboards/project/snapshots/views.py#L109

Change-Id: Ied142440965b1a722e7a4dd1be3b1be3b3e1644b
(cherry picked from commit 79d1395942)
2022-10-29 09:58:39 +05:30
..
api Merge "Fix Unable to use multiattach volume as boot for new server" into stable/wallaby 2021-07-29 12:43:58 +00:00
conf Support policy-in-code and deprecated policy 2021-01-27 14:02:27 +00:00
contrib Use python3-style super() 2020-10-15 14:37:20 +09:00
dashboards Fix success_url parameter issue for Edit Snapshot 2022-10-29 09:58:39 +05:30
django_pyscss_fix Handle log message interpolation by the logger 2017-03-31 20:59:16 +09:00
enabled Add Volume backups support for admin panel 2021-03-05 00:15:08 +00:00
local Changed default identity url to horizon 2019-12-06 18:41:38 +08:00
locale Imported Translations from Zanata 2022-06-29 03:23:56 +00:00
management Deprecate Django launch instance form 2021-03-09 15:55:35 +09:00
static Modified the image page to use CSS class 2022-09-29 02:07:13 +00:00
templates Use "load static" instead of "load staticfiles" 2021-01-13 21:31:36 +09:00
templatetags Stop to use the __future__ module. 2020-06-03 10:45:18 +02:00
test Merge "Fix Unable to use multiattach volume as boot for new server" into stable/wallaby 2021-07-29 12:43:58 +00:00
themes Fix Material theme to work with any combination of pyScss and MDI icons 2021-02-18 15:14:55 +09:00
usage Add try/except block for some nova and neutron api calls 2020-12-02 14:12:02 +00:00
utils Use python3-style super() 2020-10-15 14:37:20 +09:00
__init__.py
.eslintrc Add selective ESLint rule activation for Horizon Legacy JS 2015-07-08 17:06:15 -07:00
context_processors.py Forwards LOGOUT_URL to templates. 2019-09-20 11:51:48 +02:00
defaults.py Add default_availability_zone for VM creation 2021-06-18 19:44:35 +00:00
exceptions.py Drop Heat related code from horizon 2017-12-05 07:38:55 +00:00
hooks.py pylint: fix import-error 2019-01-16 00:00:58 +09:00
karma.conf.js Add expectations to identity specs 2020-12-18 10:22:57 -06:00
policy.py Specify POLICY_CHECK_FUNCTION as a string 2016-11-25 13:06:14 +01:00
settings.py Rename zh-cn and zh-tw translations to zh-hans and zh-hant 2021-02-18 09:57:27 +09:00
theme_settings.py pylint: fix several warnings 2019-01-15 00:22:27 +09:00
urls.py Define default settings explicitly (openstack_dashboard 5/5) 2019-07-08 18:20:32 +09:00
views.py Merge "Use python3-style super()" 2020-10-27 04:42:53 +00:00
wsgi.py Fixed path after moving wsgi/django.wsgi to wsgi.py 2018-09-06 12:05:37 +02:00