Previously, ToggleSuspend class checked os-rescue policy for resume operation.By this fix, the class checks ‘os_compute_api:os-suspend-server:resume’ policyto align to resume operation.

Password forms in horizon now does not strip leading/trailing spacesincluded in input passwords. Previously horizon stripped leading/trailingspaces in input passwords but on the other hand keystone acceptsleading/trailing spaces and it can be an issue when such passwords areset via keystone API. To handle this situation horizon no longer stripsleading/trailing spaces in passwords.See [bug:1861224] andthe related mailing threadfor more detail.(Note that this change is part of horizon 18.5.0 releasebut we forgot to mention it.)

An open redirect has been fixed, that could redirect users to arbitraryaddresses from certain views by specifying a “next” parameter in the URL.Now the redirect will only work if the target URL is in the same domain,and uses the same protocol.