From: Magnus Hagander Date: Wed, 16 May 2018 10:54:30 +0000 (+0200) Subject: Use actual URL field for the sponsor signup URLs X-Git-Url: http://git.postgresql.org/gitweb/static/session/%7B%7Bsession.id%7D%7D-%7B%7Bsession.title%7Cslugify%7D%7D?a=commitdiff_plain;h=54c469faddb67d3a52669e3657fc4e2b79786358;p=pgeu-website.git Use actual URL field for the sponsor signup URLs This enables both client side validation that what's put in there is an URL, and server side verification of that. We don't ping back and check the URL, because that could be used to do evil things to say APIs that check source IP. We may want to look into doing that securely in the future, but this is a good starting point. --- diff --git a/postgresqleu/confsponsor/forms.py b/postgresqleu/confsponsor/forms.py index b4b59db..af25720 100644 --- a/postgresqleu/confsponsor/forms.py +++ b/postgresqleu/confsponsor/forms.py @@ -29,7 +29,7 @@ class SponsorSignupForm(forms.Form): address = forms.CharField(label="Company invoice address *", min_length=10, max_length=500, widget=forms.Textarea) vatstatus = forms.ChoiceField(label="Company VAT status", choices=vat_status_choices) vatnumber = forms.CharField(label="EU VAT Number", min_length=5, max_length=50, help_text="Enter EU VAT Number to be included on invoices if assigned one. Leave empty if outside the EU or without assigned VAT number.", required=False) - url = forms.CharField(label="Company URL *", min_length=8, max_length=100) + url = forms.URLField(label="Company URL *") twittername = forms.CharField(label="Company twitter", min_length=0, max_length=100, required=False, validators=[TwitterValidator, ]) confirm = forms.BooleanField(help_text="Check this box to that you have read and agree to the terms in the contract")