Prevent redirecting to arbitrary URLs when saving preferences.

Review Request #14622 — Created Sept. 23, 2025 and updated

Information

Review Board
release-7.x

Reviewers

The privacy preferences form allows redirecting to a URL after saving,
because it may be shown to users in lieu of a target page if there are
services which require a consent choice. This redirect was not going
through the same machinery as logins, which have a check

This change makes it so our `PrivacyForm` includes Django's
`RedirectURLMixin` as a base class. We then call `get_redirect_url()`,
which will verify that the redirect is to a safe URL.

Testing Done:
  • Ran unit tests, including added test.
  • Manually verified that redirects no longer allowed inserting arbitrary
    URLs.
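The fix described in this review request relies on Django's `RedirectURLMixin.get_redirect_url()`, which only honours a user-supplied redirect target when it passes Django's `url_has_allowed_host_and_scheme()` check. The following is an added, standalone example (not Review Board's or Django's code) that reimplements the essence of that check and shows how a form's save path should consume its result; the host name `reviews.example.com`, the `resolve_redirect()` wrapper and the sample URLs are constructed for the example.

```python
"""Standalone illustration of validating a user-supplied redirect URL.

Modelled on django.utils.http.url_has_allowed_host_and_scheme(); the
allowed-host set and the form-level wrapper are assumptions for this example.
"""
import unicodedata
from urllib.parse import urlsplit


def _allowed_host_and_scheme(url, allowed_hosts, require_https):
    # Reject "///host" outright: urlsplit() reports an empty netloc for it,
    # but browsers treat it as a protocol-relative URL to another host.
    if url.startswith("///"):
        return False
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    # A scheme with no host ("javascript:...", "data:...") is never a safe
    # place to send the browser.
    if parts.scheme and not parts.netloc:
        return False
    # A leading control character can confuse parsers and browsers alike.
    if unicodedata.category(url[0])[0] == "C":
        return False
    scheme = parts.scheme
    if parts.netloc and not scheme:
        scheme = "http"  # "//host/path" is fetched over the page's own scheme
    valid_schemes = ("https",) if require_https else ("http", "https")
    host_ok = not parts.netloc or parts.netloc in allowed_hosts
    scheme_ok = not scheme or scheme in valid_schemes
    return host_ok and scheme_ok


def is_safe_redirect(url, allowed_hosts, require_https=False):
    """Return True only if url is relative or points at an allowed host."""
    if url is None:
        return False
    url = url.strip()
    if not url:
        return False
    if isinstance(allowed_hosts, str):
        allowed_hosts = {allowed_hosts}
    # Also check the URL with backslashes normalised: some browsers treat
    # "/\\other.example" exactly like "//other.example".
    return (_allowed_host_and_scheme(url, allowed_hosts, require_https)
            and _allowed_host_and_scheme(url.replace("\\", "/"),
                                         allowed_hosts, require_https))


def resolve_redirect(redirect_to, allowed_hosts, fallback="/"):
    """What a form's save handler should do with a requested redirect:
    honour it only when it passes the check, else use a known-good page."""
    if is_safe_redirect(redirect_to, allowed_hosts):
        return redirect_to.strip()
    return fallback


if __name__ == "__main__":
    hosts = {"reviews.example.com"}  # constructed: the site's own host
    samples = [  # constructed inputs, safe and unsafe
        "/account/preferences/",
        "https://reviews.example.com/r/1/",
        "//other.example/",
        "/\\other.example",
        "javascript:alert(1)",
        "https://other.example/",
    ]
    for candidate in samples:
        print(f"{candidate!r:40} -> {resolve_redirect(candidate, hosts)!r}")
```

In a real Django view the allowed-host set comes from `RedirectURLMixin.get_success_url_allowed_hosts()`, which includes the request's own host, and `get_redirect_url()` returns an empty string for a rejected URL so the caller falls back to its default. The point of the two-pass backslash check and the `///` guard is that the parser the server uses and the one the browser uses disagree on these inputs, which is exactly how a naive "does it start with a slash" test gets bypassed.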
Commit ID: nuuqkvprpoosunmzmsnoxzxmukxuuzst
Checks run (2 succeeded)
flake8 passed.
JSHint passed.
maubin: Ship It!