Tom Hughes
dc28f1dccc
Fix new rubocop warnings
2022-11-22 18:32:02 +00:00
Andy Allan
972249ce9d
Reconfigure the suspended flash message to avoid html_safe
...
This also avoids having raw html in the translation strings
2022-11-17 12:04:28 +00:00
Tom Hughes
40ec4734fb
Fix new rubocop warnings
2022-05-16 19:16:53 +01:00
Tom Hughes
988d7cd90d
Remove form_action restrictions for sessions#login
...
Login may redirect to ouath2_authorizations#create which may then
redirect to arbitrary schemes if the application is already authorized
so we need to allow login to redirect to any scheme.
Fixes #3424
2022-01-17 11:01:07 +00:00
Tom Hughes
407b61857e
Improve fallback behaviour for unsafe referer redirects
2021-11-23 17:18:41 +00:00
Tom Hughes
bf3743f190
Add missing callbacks to session controller
2021-03-29 20:36:07 +01:00
Andy Allan
f18baae22e
Refactor login/logout into sessions controller
...
Certain controller methods are shared with oauth-based logins, and these have been
moved to a concern.
2021-03-24 11:32:46 +00:00
