diff --git a/common/djangoapps/terrain/steps.py b/common/djangoapps/terrain/steps.py index 32dc4db432..5e20b0a1d0 100644 --- a/common/djangoapps/terrain/steps.py +++ b/common/djangoapps/terrain/steps.py @@ -81,7 +81,9 @@ def click_the_link_with_the_text_group1(step, linktext): @step('I should see that the path is "([^"]*)"$') def i_should_see_that_the_path_is(step, path): - assert world.url_equals(path) + assert world.url_equals(path), ( + "path should be {!r} but is {!r}".format(path, world.browser.url) + ) @step(u'the page title should be "([^"]*)"$') diff --git a/lms/djangoapps/courseware/features/login.feature b/lms/djangoapps/courseware/features/login.feature index 7af151ed26..3c4d006fb9 100644 --- a/lms/djangoapps/courseware/features/login.feature +++ b/lms/djangoapps/courseware/features/login.feature @@ -46,3 +46,13 @@ Feature: LMS.Login in as a registered user And I visit the url "/login?next=http://www.google.com/" When I submit my credentials on the login form Then I should be on the dashboard page + + Scenario: Login with a redirect with parameters + Given I am an edX user + And I am not logged in + And I visit the url "/debug/show_parameters?foo=hello&bar=world" + And I should see that the path is "/accounts/login?next=/debug/show_parameters%3Ffoo%3Dhello%26bar%3Dworld" + When I submit my credentials on the login form + And I wait for "2" seconds + Then I should see "foo: u'hello'" somewhere on the page + And I should see "bar: u'world'" somewhere on the page diff --git a/lms/djangoapps/debug/views.py b/lms/djangoapps/debug/views.py index 5a5927e350..6794c30348 100644 --- a/lms/djangoapps/debug/views.py +++ b/lms/djangoapps/debug/views.py @@ -3,13 +3,16 @@ import pprint import traceback -from django.http import Http404 +from django.http import Http404, HttpResponse from django.contrib.auth.decorators import login_required +from django.utils.html import escape + from django_future.csrf import ensure_csrf_cookie from edxmako.shortcuts import render_to_response from codejail.safe_exec import safe_exec + @login_required @ensure_csrf_cookie def run_python(request): @@ -29,3 +32,14 @@ def run_python(request): else: c['results'] = pprint.pformat(g) return render_to_response("debug/run_python_form.html", c) + + +@login_required +def show_parameters(request): + """A page that shows what parameters were on the URL and post.""" + html = [] + for name, value in sorted(request.GET.items()): + html.append(escape("GET {}: {!r}".format(name, value))) + for name, value in sorted(request.POST.items()): + html.append(escape("POST {}: {!r}".format(name, value))) + return HttpResponse("\n".join("

{}

".format(h) for h in html)) diff --git a/lms/templates/login.html b/lms/templates/login.html index 5d79076227..a99a017a75 100644 --- a/lms/templates/login.html +++ b/lms/templates/login.html @@ -51,7 +51,11 @@ $('#login-form').on('ajax:success', function(event, json, xhr) { if(json.success) { var u=decodeURI(window.location.search); - next=u.split("next=")[1]; + var next = u.split("next=")[1]; + if (next != undefined) { + // if next is undefined, decodeURI returns "undefined" causing a bad redirect. + next = decodeURIComponent(next); + } if (next && !isExternal(next)) { location.href=next; } else if(json.redirect_url){ diff --git a/lms/urls.py b/lms/urls.py index 4946586316..f304e2c13c 100644 --- a/lms/urls.py +++ b/lms/urls.py @@ -478,9 +478,13 @@ urlpatterns += ( if settings.FEATURES.get('ENABLE_DEBUG_RUN_PYTHON'): urlpatterns += ( - url(r'^debug/run_python', 'debug.views.run_python'), + url(r'^debug/run_python$', 'debug.views.run_python'), ) +urlpatterns += ( + url(r'^debug/show_parameters$', 'debug.views.show_parameters'), +) + # Crowdsourced hinting instructor manager. if settings.FEATURES.get('ENABLE_HINTER_INSTRUCTOR_VIEW'): urlpatterns += (