"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "app/controllers/application_controller.rb" between
redmine-4.1.0.tar.gz and redmine-4.1.1.tar.gz

About: Redmine is a flexible project management and bug-tracking web application (using the Ruby on Rails framework). It also supports project wikis and forums, document management, and multiple version control systems.

application_controller.rb  (redmine-4.1.0):application_controller.rb  (redmine-4.1.1)
skipping to change at line 418 skipping to change at line 418
if @project && @project.id && User.current.logged? && User.current.allowed_t o?(:view_project, @project) if @project && @project.id && User.current.logged? && User.current.allowed_t o?(:view_project, @project)
Redmine::ProjectJumpBox.new(User.current).project_used(@project) Redmine::ProjectJumpBox.new(User.current).project_used(@project)
end end
true true
end end
def back_url def back_url
url = params[:back_url] url = params[:back_url]
if url.nil? && referer = request.env['HTTP_REFERER'] if url.nil? && referer = request.env['HTTP_REFERER']
url = CGI.unescape(referer.to_s) url = CGI.unescape(referer.to_s)
# URLs that contains the utf8=[checkmark] parameter added by Rails are
# parsed as invalid by URI.parse so the redirect to the back URL would
# not be accepted (ApplicationController#validate_back_url would return
# false)
url.gsub!(/(\?|&)utf8=\u2713&?/, '\1')
end end
url url
end end
helper_method :back_url
def redirect_back_or_default(default, options={}) def redirect_back_or_default(default, options={})
back_url = params[:back_url].to_s if back_url = validate_back_url(params[:back_url].to_s)
if back_url.present? && valid_url = validate_back_url(back_url) redirect_to(back_url)
redirect_to(valid_url)
return return
elsif options[:referer] elsif options[:referer]
redirect_to_referer_or default redirect_to_referer_or default
return return
end end
redirect_to default redirect_to default
false false
end end
# Returns a validated URL string if back_url is a valid url for redirection, # Returns a validated URL string if back_url is a valid url for redirection,
# otherwise false # otherwise false
def validate_back_url(back_url) def validate_back_url(back_url)
return false if back_url.blank?
if CGI.unescape(back_url).include?('..') if CGI.unescape(back_url).include?('..')
return false return false
end end
begin begin
uri = URI.parse(back_url) uri = URI.parse(back_url)
rescue URI::InvalidURIError rescue URI::InvalidURIError
return false return false
end end
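Review bot: `helper_method :back_url` makes an unvalidated value available to every view: `back_url` returns `params[:back_url]` or the unescaped Referer as is, and in the visible lines only `redirect_back_or_default` passes its input through `validate_back_url`. Please state this in a comment on `back_url`, so that templates placing it in a link or hidden field run it through the validator first. Two smaller points: in `redirect_back_or_default` the local `back_url` assigned inside the `if` now shadows the helper of the same name, and keeping a distinct name such as the earlier `valid_url` would read more clearly; and the new `gsub!` leaves a dangling `?` or `&` when `utf8=✓` is the last parameter, because `\1` is always kept.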
skipping to change at line 475 skipping to change at line 482
return false return false
end end
if relative_url_root.present? && !path.starts_with?(relative_url_root) if relative_url_root.present? && !path.starts_with?(relative_url_root)
return false return false
end end
return path return path
end end
private :validate_back_url private :validate_back_url
helper_method :validate_back_url
def valid_back_url?(back_url) def valid_back_url?(back_url)
!!validate_back_url(back_url) !!validate_back_url(back_url)
end end
private :valid_back_url? private :valid_back_url?
helper_method :valid_back_url?
# Redirects to the request referer if present, redirects to args or call block otherwise. # Redirects to the request referer if present, redirects to args or call block otherwise.
def redirect_to_referer_or(*args, &block) def redirect_to_referer_or(*args, &block)
if referer = request.headers["Referer"] if referer = request.headers["Referer"]
redirect_to referer redirect_to referer
else else
if args.any? if args.any?
redirect_to *args redirect_to *args
elsif block_given? elsif block_given?
yield yield
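Review bot: Exposing both `validate_back_url` and `valid_back_url?` to views invites the pattern of checking with `valid_back_url?` and then emitting the original string, while `validate_back_url` ends in `return path` rather than returning its argument, so the checked and the emitted value can differ. Consider exposing only `validate_back_url` and having views use its return value, or document on `valid_back_url?` that the validated path is what should be rendered. A short comment next to the `helper_method` lines that follow `private :validate_back_url` and `private :valid_back_url?` would also help, noting that the methods stay private on the controller and are only made callable from views.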
 End of changes. 6 change blocks. 
3 lines changed or deleted 12 lines changed or added
