diff options
| author | Yuichi Takeuchi <yuichi.takeuchi@takeyuweb.co.jp> | 2019-01-19 15:50:56 +0900 |
|---|---|---|
| committer | Yuichi Takeuchi <yuichi.takeuchi@takeyuweb.co.jp> | 2019-01-21 14:15:34 +0900 |
| commit | ee65ca46e589e14484c80b35c46c9aff26769d86 (patch) | |
| tree | 92f798eccd08b88e5c2e20dbfdebaa7f538de330 /activestorage/app/controllers | |
| parent | 9608b180bfb36cb459e4aa8d8116a065046e1915 (diff) | |
| download | rails-ee65ca46e589e14484c80b35c46c9aff26769d86.tar.gz rails-ee65ca46e589e14484c80b35c46c9aff26769d86.tar.bz2 rails-ee65ca46e589e14484c80b35c46c9aff26769d86.zip | |
Fix ArgumentError: Unsafe redirect
Diffstat (limited to 'activestorage/app/controllers')
| -rw-r--r-- | activestorage/app/controllers/active_storage/blobs_controller.rb | 2 | ||||
| -rw-r--r-- | activestorage/app/controllers/active_storage/representations_controller.rb | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/activestorage/app/controllers/active_storage/blobs_controller.rb b/activestorage/app/controllers/active_storage/blobs_controller.rb index 4fc3fbe824..a8e42d7356 100644 --- a/activestorage/app/controllers/active_storage/blobs_controller.rb +++ b/activestorage/app/controllers/active_storage/blobs_controller.rb @@ -9,6 +9,6 @@ class ActiveStorage::BlobsController < ActiveStorage::BaseController def show expires_in ActiveStorage.service_urls_expire_in - redirect_to @blob.service_url(disposition: params[:disposition]) + redirect_to @blob.service_url(disposition: params[:disposition]), allow_other_host: true end end diff --git a/activestorage/app/controllers/active_storage/representations_controller.rb b/activestorage/app/controllers/active_storage/representations_controller.rb index 98e11e5dbb..d01af5d939 100644 --- a/activestorage/app/controllers/active_storage/representations_controller.rb +++ b/activestorage/app/controllers/active_storage/representations_controller.rb @@ -9,6 +9,6 @@ class ActiveStorage::RepresentationsController < ActiveStorage::BaseController def show expires_in ActiveStorage.service_urls_expire_in - redirect_to @blob.representation(params[:variation_key]).processed.service_url(disposition: params[:disposition]) + redirect_to @blob.representation(params[:variation_key]).processed.service_url(disposition: params[:disposition]), allow_other_host: true end end |