diff --git a/trunk/acct_mgr/web_ui.py b/trunk/acct_mgr/web_ui.py
|
a
|
b
|
|
| 434 | 434 | |
| 435 | 435 | def _do_login(self, req): |
| 436 | 436 | if not req.remote_user: |
| 437 | | req.redirect(self.env.abs_href()) |
| | 437 | req.redirect(req.abs_href()) |
| 438 | 438 | return auth.LoginModule._do_login(self, req) |
| 439 | 439 | |
| 440 | 440 | def _remote_user(self, req): |
| … |
… |
|
| 445 | 445 | if AccountManager(self.env).check_password(user, password): |
| 446 | 446 | return user |
| 447 | 447 | return None |
| 448 | | |
| 449 | | def _redirect_back(self, req): |
| 450 | | """Redirect the user back to the URL she came from.""" |
| 451 | | referer = self._referer(req) |
| 452 | | if referer and not referer.startswith(req.base_url): |
| 453 | | # don't redirect to external sites |
| 454 | | referer = None |
| 455 | | req.redirect(referer or self.env.abs_href()) |
| 456 | | |
| 457 | | def _referer(self, req): |
| 458 | | return req.args.get('referer') or req.get_header('Referer') |
| 459 | 448 | |
| 460 | 449 | def enabled(self): |
| 461 | 450 | # Users should disable the built-in authentication to use this one |
