DisallowedRedirect (Unsafe redirect to URL with protocol) Django

Question

I am getting DisallowedRedirect error when i am logging user in The two views are

def login(request):
    c={}
    c.update(csrf(request))
    form=LoginForm()
    errors=()
    c['form']=form
    c['errors']=errors
    return render(request,'news/login.html',c)

def auth_view(request):
    username=request.POST.get('username','')
    password=request.POST.get('password','')
    user=auth.authenticate(username=username,password=password)
    if user is not None:
        auth.login(request,user)
        return HttpResponseRedirect('news:home',request)
    else:
        form=LoginForm()
        errors=('Invalid Username or Password',)
        return render(request,'news/login.html', {'form':form,'errors':errors})

Answer 1

In addition to the current answers if you want to redirect to an custom scheme, you can use following code:

class CustomSchemeRedirect(HttpResponsePermanentRedirect):
    allowed_schemes = ['tg']


def redirect(request):
    return CustomSchemeRedirect('tg://resolve?domain=durov')

Answer 2

instead of

return HttpResponseRedirect('news:home',request)

this:

return HttpResponseRedirect(reverse('news:home'))

or

return redirect('news:home')

or

return redirect(reverse('news:home'))

Answer 3

HttpResponseRedirect.allowed_schemes.append('news')

Answer 4

Make sure that when you get this error you have the correct scheme supplied in front of your URL. By default the django.http.HttpResponseRedirect does not allow redirects to URLs that don't start with one of the following schemes:

• http
• https
• ftp

So if the URL you supply is, for example, localhost:8000 make sure you change it to http://localhost:8000 to get it to work.