1

I have a Django web application and I'm trying to redirect users to my mobile app in one of the views.

def magic_link(request, token):
    return redirect(f"{settings.FRONTEND_URL}/magic_link/{token}")

This redirect link is like: appname://magic_link/token. However, I'm getting the following error.

DisallowedRedirect at /magic_link/{token}/
Unsafe redirect to URL with protocol 'appname'

How can I fix this issue and redirect users to the mobile app in Django view?

Aslı Kök
  • 616
  • 8
  • 19
  • you are actually rederecting user with "appname" protocol which doesnt exist, instead of "appname" should be "http" or "https" or "ftp" etc, how does your {settings.FRONTEND_URL} looks like ? – oruchkin Apr 26 '22 at 15:02
  • It's written in my question. ```settings.FRONTEND_URL``` is like ```appname:/```. – Aslı Kök Apr 26 '22 at 15:07
  • yes, this is your problem, can you access "appname://google.com" ? you are using it as a protocol it should be "http:/ /magic_link/token" – oruchkin Apr 26 '22 at 15:15
  • because this is a mobile app link. so what's the solution? – Aslı Kök Apr 26 '22 at 15:17
  • you cant redirect user on your server with django in your mobile app, it should be done inside mobile app, using your django with API – oruchkin Apr 26 '22 at 15:19

1 Answers1

0

You should create your own HttpResponsePermanentRedirect which inherits from HttpResponsePermanentRedirect by django. In your own class, you add your app scheme to the allow_schemes (something relevant, i can't remember so well) to let django know your app scheme is valid.

Example:

class HttpResponsePermanentRedirect(HttpResponsePermanentRedirect by django):
   allow_schemes=['your_app_scheme',...]
Huy Le
  • 1
  • 1
  • 1
  • Correct, you can do this with any class that inherits from `HttpResponseRedirectBase`. Strangely can't find any docs, but here's the source https://github.com/django/django/blob/1a78ef2b85467a18ea6d7eaa4b27f67d11c87b9e/django/http/response.py#L569 – OllyTheNinja May 20 '22 at 05:46