diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-31 11:43:43 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-31 11:44:14 +0000 |
| commit | 4530f5d0bdc9b2f60eed2146eaf1b6f35fc53b0e (patch) | |
| tree | 1194b1e2dd029e407f313797f781a2cf1f3ac39e /app | |
| parent | 15c040a6bd71894260b66a90685070c0babfee76 (diff) | |
| download | gitlab-ce-4530f5d0bdc9b2f60eed2146eaf1b6f35fc53b0e.tar.gz | |
Add latest changes from gitlab-org/security/gitlab@13-12-stable-ee
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/oauth/authorizations_controller.rb | 3 | ||||
| -rw-r--r-- | app/views/doorkeeper/authorizations/redirect.html.haml | 7 |
2 files changed, 9 insertions, 1 deletions
diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb index 857f36e3833..ddf70c1892a 100644 --- a/app/controllers/oauth/authorizations_controller.rb +++ b/app/controllers/oauth/authorizations_controller.rb @@ -14,8 +14,9 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController if pre_auth.authorizable? if skip_authorization? || matching_token? auth = authorization.authorize + parsed_redirect_uri = URI.parse(auth.redirect_uri) session.delete(:user_return_to) - redirect_to auth.redirect_uri + render "doorkeeper/authorizations/redirect", locals: { redirect_uri: parsed_redirect_uri }, layout: false else render "doorkeeper/authorizations/new" end diff --git a/app/views/doorkeeper/authorizations/redirect.html.haml b/app/views/doorkeeper/authorizations/redirect.html.haml new file mode 100644 index 00000000000..2fefbac3802 --- /dev/null +++ b/app/views/doorkeeper/authorizations/redirect.html.haml @@ -0,0 +1,7 @@ +%h3.page-title= _("Redirecting") + +%div + %a{ :href => redirect_uri } Click here to redirect to #{redirect_uri} + +:javascript + window.location= "#{redirect_uri}"; |