Fixed #26956 -- Added success_url_allowed_hosts to LoginView and LogoutView.

Allows specifying additional hosts to redirect after login and log out.
2025-11-07 07:15:35 +00:00 · 2016-07-26 16:10:08 -07:00
parent f227b8d15d
commit 66e1ebbffc
5 changed files with 84 additions and 5 deletions
--- a/docs/releases/1.11.txt
+++ b/docs/releases/1.11.txt
@@ -101,6 +101,11 @@ Minor features
 * :func:`~django.contrib.auth.update_session_auth_hash` now rotates the session
  key to allow a password change to invalidate stolen session cookies.

+* The new ``success_url_allowed_hosts`` attribute for
+  :class:`~django.contrib.auth.views.LoginView` and
+  :class:`~django.contrib.auth.views.LogoutView` allows specifying a set of
+  hosts that are safe for redirecting after login and logout.
+
 :mod:`django.contrib.contenttypes`
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~