9 lines
275 B
Python
9 lines
275 B
Python
from urllib.parse import urljoin, urlparse
|
|
|
|
|
|
def is_safe_url(request, target):
|
|
ref_url = urlparse(request.host_url)
|
|
test_url = urlparse(urljoin(request.host_url, target))
|
|
return test_url.scheme in ('http', 'https') and \
|
|
ref_url.netloc == test_url.netloc
|