diff --git a/src/pretix/base/templatetags/safelink.py b/src/pretix/base/templatetags/safelink.py
new file mode 100644
index 0000000000..3f2e7eb350
--- /dev/null
+++ b/src/pretix/base/templatetags/safelink.py
@@ -0,0 +1,10 @@
+from django import template
+
+from ..views.redirect import safelink as sl
+
+register = template.Library()
+
+
+@register.simple_tag
+def safelink(url):
+ return sl(url)
diff --git a/src/pretix/base/views/redirect.py b/src/pretix/base/views/redirect.py
new file mode 100644
index 0000000000..3347c777be
--- /dev/null
+++ b/src/pretix/base/views/redirect.py
@@ -0,0 +1,19 @@
+import urllib.parse
+
+from django.core import signing
+from django.core.urlresolvers import reverse
+from django.http import HttpResponseBadRequest, HttpResponseRedirect
+
+
+def redir_view(request):
+ signer = signing.Signer(salt='safe-redirect')
+ try:
+ url = signer.unsign(request.GET.get('url', ''))
+ except signing.BadSignature:
+ return HttpResponseBadRequest('Invalid parameter')
+ return HttpResponseRedirect(url)
+
+
+def safelink(url):
+ signer = signing.Signer(salt='safe-redirect')
+ return reverse('redirect') + '?url=' + urllib.parse.quote(signer.sign(url))
diff --git a/src/pretix/presale/templates/pretixpresale/base.html b/src/pretix/presale/templates/pretixpresale/base.html
index 85faaaa255..790db0f17b 100644
--- a/src/pretix/presale/templates/pretixpresale/base.html
+++ b/src/pretix/presale/templates/pretixpresale/base.html
@@ -27,6 +27,7 @@
 {% endcompress %}
 {{ html_head|safe }}
+
diff --git a/src/pretix/presale/templates/pretixpresale/base_footer.html b/src/pretix/presale/templates/pretixpresale/base_footer.html
index 2756c5fd80..c10bc5fe29 100644
--- a/src/pretix/presale/templates/pretixpresale/base_footer.html
+++ b/src/pretix/presale/templates/pretixpresale/base_footer.html
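Review bot: The `safelink` tag has no docstring, yet its one property that callers rely on is not visible from this file: when the tag is used with `as` (as the footer does), the stored value is not autoescaped by the template engine, so the only reason it can be dropped into an `href` marked `|safe` is that the underlying `sl()` in views/redirect.py percent-encodes the signed payload with `urllib.parse.quote`. State that contract on the tag, `"""Return a signed ``/redirect/?url=...`` link for ``url``; the value is already URL-quoted, so it is safe to embed in an href."""`, so a later change to the view's encoding is recognised as a template-safety change. Since the body is a pure pass-through, `register.simple_tag(sl, name='safelink')` would also do, but the explicit `def` is the better place to hang the docstring.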
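Review bot: `safelink()` signs whatever string it is handed and `redir_view` redirects to anything that carries a valid signature, so the scheme of the target is never checked in this module; if a template ever passes an organizer- or user-supplied URL into `{% safelink %}`, a `javascript:` or `data:` target gets a valid signature, and rejecting it is left to `HttpResponseRedirect`'s scheme allow-list (a Django default, presumably answered with a 400 via `DisallowedRedirect` — worth confirming rather than relying on). I would refuse to sign anything but web URLs up front, `if urllib.parse.urlsplit(url).scheme not in ('http', 'https'): raise ValueError('safelink only signs http(s) URLs')`, and hoist the duplicated `'safe-redirect'` salt into a module constant `_SAFE_REDIRECT_SALT = 'safe-redirect'` used by both `Signer(...)` calls so signer and unsigner cannot drift. Note also that plain `Signer` (no `max_age`) means a signed link stays valid for as long as `SECRET_KEY` does; that is fine for a static footer link but belongs in a module docstring, together with the statement that the view is intentionally not an open redirector.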
@@ -1,5 +1,7 @@
 {% load i18n %}
-{% with "href='http://pretix.eu'" as a_attr %}
+{% load safelink %}
+{% safelink "https://pretix.eu" as pretixurl %}
+{% with 'href="'|add:pretixurl|add:'"'|safe as a_attr %}
 {% blocktrans trimmed %}
 powered by pretix
 {% endblocktrans %}
diff --git a/src/pretix/urls.py b/src/pretix/urls.py
index 3a679be5ba..1dd4039a91 100644
--- a/src/pretix/urls.py
+++ b/src/pretix/urls.py
@@ -8,7 +8,7 @@ from django.views.i18n import javascript_catalog
 import pretix.control.urls
 import pretix.presale.urls
-from .base.views import cachedfiles, health
+from .base.views import cachedfiles, health, redirect
 # This is not a valid Django URL configuration, as the final
 # configuration is done by the pretix.multidomain package.
@@ -25,6 +25,7 @@ base_patterns = [
 name='cachedfile.download'),
 url(r'^healthcheck/$', health.healthcheck, name='healthcheck'),
+ url(r'^redirect/$', redirect.redir_view, name='redirect'),
 url(r'^jsi18n/$', etag(lambda *s, **k: import_date)(cache_page(3600, key_prefix='js18n-%s' % import_date)(javascript_catalog)),
 js_info_dict, name='javascript-catalog'),
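Review bot: The `|safe` on the `with` line switches autoescaping off for a string that embeds `pretixurl`, and because the tag is invoked with `as pretixurl` the stored value has not been escaped by the engine either (as far as I recall, simple_tag only conditionally escapes output it renders inline); the construction is sound only because `safelink()` in base/views/redirect.py percent-encodes the signed payload with `urllib.parse.quote`, which leaves no `"`, `<`, `>` or `&` in the value. That dependency is invisible from the template, so record it next to the line, `{# pretixurl is percent-encoded by the safelink tag; that is what makes |safe acceptable here #}`, so nobody later swaps the tag output for an unencoded URL and keeps the `|safe`. The silent `http://` to `https://` change for the pretix.eu target is fine but deserves a mention in the commit message.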