From 754c0f8a15caa8da7a4a4aff093d244f7c002def Mon Sep 17 00:00:00 2001 From: Kasper Timm Hansen Date: Sat, 6 Nov 2021 03:32:21 +0100 Subject: [PATCH] [ci skip] Update documenation formatting to link to methods/constants and fix code fences --- .../lib/action_controller/metal/redirecting.rb | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/actionpack/lib/action_controller/metal/redirecting.rb b/actionpack/lib/action_controller/metal/redirecting.rb index e602d56f6a..3da00735d6 100644 --- a/actionpack/lib/action_controller/metal/redirecting.rb +++ b/actionpack/lib/action_controller/metal/redirecting.rb @@ -66,19 +66,19 @@ class UnsafeRedirectError < StandardError; end # === Open Redirect protection # # By default, Rails protects against redirecting to external hosts for your app's safety, so called open redirects. - # Note: this was a new default in Rails 7.0, after upgrading opt-in by uncommenting the line with `raise_on_open_redirects` in `config/initializers/new_framework_defaults_7_0.rb` + # Note: this was a new default in Rails 7.0, after upgrading opt-in by uncommenting the line with #raise_on_open_redirects in config/initializers/new_framework_defaults_7_0.rb # - # Here redirect_to automatically validates the potentially-unsafe URL: + # Here #redirect_to automatically validates the potentially-unsafe URL: # # redirect_to params[:redirect_url] # - # Raises ActionController::Redirecting::UnsafeRedirectError in the case of an unsafe redirect. + # Raises #UnsafeRedirectError in the case of an unsafe redirect. # # To allow any external redirects pass `allow_other_host: true`, though using a user-provided param in that case is unsafe. # # redirect_to "https://rubyonrails.org", allow_other_host: true # - # See url_from for more information on what an internal and safe URL is, or how to fall back to an alternate redirect URL in the unsafe case. + # See #url_from for more information on what an internal and safe URL is, or how to fall back to an alternate redirect URL in the unsafe case. def redirect_to(options = {}, response_options = {}) raise ActionControllerError.new("Cannot redirect to nil!") unless options raise AbstractController::DoubleRenderError if response_body @@ -152,7 +152,7 @@ def _compute_redirect_to_location(request, options) # :nodoc: # # redirect_to url_from(params[:redirect_url]) || root_url # - # The +location+ is considered internal, and safe, if it's on the same host as the request.host: + # The +location+ is considered internal, and safe, if it's on the same host as request.host: # # # If request.host is example.com: # url_from("https://example.com/profile") # => "https://example.com/profile" @@ -164,8 +164,8 @@ def _compute_redirect_to_location(request, options) # :nodoc: # # If request.host is on https://example.com or https://app.example.com, you'd get: # url_from("https://dev.example.com/profile") # => nil # - # NOTE: there's a similarity with url_for, which generates an internal URL from various options from within the app, e.g. `url_for(@post)`. - # However, url_from is meant to take an external parameter to verify as in `url_from(params[:redirect_url])`. + # NOTE: there's a similarity with #url_for, which generates an internal URL from various options from within the app, e.g. url_for(@post). + # However, #url_from is meant to take an external parameter to verify as in url_from(params[:redirect_url]). def url_from(location) location = location.presence location if location && _url_host_allowed?(location)