TEST_CODEOWNERS/rails
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

[ci skip] Fix some more documentation links

Browse Source
This commit is contained in:
Kasper Timm Hansen 2021-11-06 03:43:46 +01:00
parent 754c0f8a15
commit f2ca082d7b
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
actionpack/lib/action_controller/metal/redirecting.rb
View File

@ -66,13 +66,13 @@ class UnsafeRedirectError < StandardError; end
# === Open Redirect protection
#
# By default, Rails protects against redirecting to external hosts for your app's safety, so called open redirects.
# Note: this was a new default in Rails 7.0, after upgrading opt-in by uncommenting the line with #raise_on_open_redirects in <tt>config/initializers/new_framework_defaults_7_0.rb</tt>
# Note: this was a new default in Rails 7.0, after upgrading opt-in by uncommenting the line with +raise_on_open_redirects+ in <tt>config/initializers/new_framework_defaults_7_0.rb</tt>
#
# Here #redirect_to automatically validates the potentially-unsafe URL:
#
# redirect_to params[:redirect_url]
#
# Raises #UnsafeRedirectError in the case of an unsafe redirect.
# Raises UnsafeRedirectError in the case of an unsafe redirect.
#
# To allow any external redirects pass `allow_other_host: true`, though using a user-provided param in that case is unsafe.
#
@ -90,7 +90,7 @@ def redirect_to(options = {}, response_options = {})
self.response_body = "<html><body>You are being <a href=\"#{ERB::Util.unwrapped_html_escape(response.location)}\">redirected</a>.</body></html>"
end
# Soft deprecated alias for <tt>redirect_back_or_to</tt> where the fallback_location location is supplied as a keyword argument instead
# Soft deprecated alias for #redirect_back_or_to where the +fallback_location+ location is supplied as a keyword argument instead
# of the first positional argument.
def redirect_back(fallback_location:, allow_other_host: _allow_other_host, **args)
redirect_back_or_to fallback_location, allow_other_host: allow_other_host, **args
@ -164,7 +164,7 @@ def _compute_redirect_to_location(request, options) # :nodoc:
# # If request.host is on https://example.com or https://app.example.com, you'd get:
# url_from("https://dev.example.com/profile") # => nil
#
# NOTE: there's a similarity with #url_for, which generates an internal URL from various options from within the app, e.g. <tt>url_for(@post)</tt>.
# NOTE: there's a similarity with ActionDispatch::Routing::UrlFor#url_for, which generates an internal URL from various options from within the app, e.g. <tt>url_for(@post)</tt>.
# However, #url_from is meant to take an external parameter to verify as in <tt>url_from(params[:redirect_url])</tt>.
def url_from(location)
location = location.presence