##// END OF EJS Templates
Fixed: inappropriate redirection to login or register page may occur (#2206). Eg. user clicks login link twice before logging in....
Jean-Philippe Lang -
r2060:5014b23c2ae4
parent child
Show More
@@ -127,8 +127,8 class ApplicationController < ActionController::Base
127 127 back_url = CGI.unescape(params[:back_url].to_s)
128 128 if !back_url.blank?
129 129 uri = URI.parse(back_url)
130 # do not redirect user to another host
131 if uri.relative? || (uri.host == request.host)
130 # do not redirect user to another host or to the login or register page
131 if (uri.relative? || (uri.host == request.host)) && !uri.path.match(%r{/(login|account/register)})
132 132 redirect_to(back_url) and return
133 133 end
134 134 end
General Comments 0
You need to be logged in to leave comments. Login now