
    Prevent redirecting to arbitrary URLs when saving preferences.

    Review Request #14622 — Created Sept. 23, 2025 and submitted — Latest diff uploaded

    Information

    Review Board
    release-7.x

    The privacy preferences form allows redirecting to a URL after saving,
    because it may be shown to users in lieu of a target page if there are
    services which require a consent choice. This redirect was not going
    through the same machinery as logins, which have a check

    This change makes it so our PrivacyForm includes Django's
    RedirectURLMixin as a base class. We then call get_redirect_url(),
    which will verify that the redirect is to a safe URL.

    • Ran unit tests, including added test.
    • Manually verified that redirects no longer allowed inserting arbitrary
      URLs.
