Should we remove redirect rules for editing and deleting entries?
Closed this issue · 3 comments
zackkatz commented
I think it makes sense to remove delete_redirect_url
and edit_redirect_url
when displaying an entry in the admin.
Thoughts?
rafaehlers commented
Why? Do you fear this can be used as an XSS entry point or something similar?
zackkatz commented
No, because if you’re in the admin, wouldn’t you want different rules?
zackkatz commented
Closing: if they want, they can clone a View and add admin-specific redirects.