The is_safe_url function can raise ValueError from _urlsplit. IMHO it should catch the error from parsing and return False in this case.
This can happen for example with next=http://168.192.0.1]
Traceback from 1.10, but it happens on 1.11 as well (and actually raises the ValueError even on the login page as it is now doing the validation).
File "/usr/lib/python2.7/dist-packages/django/contrib/auth/views.py" in inner
47. return func(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/django/views/decorators/debug.py" in sensitive_post_parameters_wrapper
76. return view(request, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/django/utils/decorators.py" in _wrapped_view
149. response = view_func(request, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/django/views/decorators/cache.py" in _wrapped_view_func
57. response = view_func(request, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/django/contrib/auth/views.py" in login
83. return HttpResponseRedirect(_get_login_redirect_url(request, redirect_to))
File "/usr/lib/python2.7/dist-packages/django/contrib/auth/views.py" in _get_login_redirect_url
53. if not is_safe_url(url=redirect_to, host=request.get_host()):
File "/usr/lib/python2.7/dist-packages/django/utils/http.py" in is_safe_url
309. return _is_safe_url(url, host) and _is_safe_url(url.replace('\\', '/'), host)
File "/usr/lib/python2.7/dist-packages/django/utils/http.py" in _is_safe_url
369. url_info = _urlparse(url)
File "/usr/lib/python2.7/dist-packages/django/utils/http.py" in _urlparse
321. splitresult = _urlsplit(url, scheme, allow_fragments)
File "/usr/lib/python2.7/dist-packages/django/utils/http.py" in _urlsplit
355. raise ValueError("Invalid IPv6 URL")
Exception Type: ValueError at /accounts/login/
Exception Value: Invalid IPv6 URL
PR