Fix the Redirect warnings from Brakeman

Unfortunately I've had to leave the check disabed as Brakeman can't see inside the safe_referer method so doesn't realise that it is cleaning the referer.
2020-07-22 19:13:19 +01:00 · 2020-07-22 19:13:19 +01:00 · d4130bcac8
commit d4130bcac8
parent 86428201dd
5 changed files with 49 additions and 35 deletions
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@ -120,7 +120,7 @@ class MessagesController < ApplicationController
      flash[:notice] = t ".destroyed"

      if params[:referer]
-        redirect_to params[:referer]
+        redirect_to safe_referer(params[:referer])
      else
        redirect_to :action => :inbox
      end