Should we remove redirect rules for editing and deleting entries?

Question

Closed this issue 2 years ago · 3 comments

I think it makes sense to remove delete_redirect_url and edit_redirect_url when displaying an entry in the admin.

Thoughts?

Answer 1 · 2020-11-05T02:20:20.000Z

Why? Do you fear this can be used as an XSS entry point or something similar?

Answer 2 · 2020-11-05T02:42:01.000Z

No, because if you’re in the admin, wouldn’t you want different rules?

Answer 3 · 2022-11-01T16:27:20.000Z

Closing: if they want, they can clone a View and add admin-specific redirects.