erp5_xhtml_style Base_cancel and logged_in: do not allow redirection outside ERP5 site.

product/ERP5/bootstrap/erp5_xhtml_style/SkinTemplateItem/portal_skins/erp5_xhtml_style/Base_cancel.xml

@@ -52,6 +52,12 @@
             <key> <string>_body</string> </key>
             <value> <string encoding="cdata"><![CDATA[
 
+topmost_url_document = context.Base_getURLTopmostDocumentValue()\n
+if not topmost_url_document.isURLAncestorOf(cancel_url):\n
+  return context.ERP5Site_redirect(topmost_url_document.absolute_url(),\n
+    keep_items={\'portal_status_message\': \'Redirection to an external site prevented.\'},\n
+    **kw)\n
+\n
 if \'?selection_name=\' in cancel_url or \'&selection_name=\' in cancel_url:\n
   # if selection_name is already present in the cancel URL, we do not\n
   # use erp5_xhtml_style script that would add it again.\n

product/ERP5/bootstrap/erp5_xhtml_style/SkinTemplateItem/portal_skins/erp5_xhtml_style/logged_in.xml

@@ -64,6 +64,10 @@ if portal.portal_membership.isAnonymousUser():\n
     + ("&came_from=" + url if url else ""))\n
 elif not url:\n
   url = context.absolute_url()\n
+topmost_url_document = context.Base_getURLTopmostDocumentValue()\n
+if not topmost_url_document.isURLAncestorOf(url):\n
+  return context.ERP5Site_redirect(topmost_url_document.absolute_url(),\n
+    keep_items={\'portal_status_message\': \'Redirection to an external site prevented.\'})\n
 return RESPONSE.redirect(url)\n