Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: Allow omniauth confirmation page to pass through GET parameters 

Using the rails `form_tag` helper generates a form with the action attribute set to the current URL (without parameters). In this case, we want to include any GET parameters, so it is better to exclude the action attribute from the form tag, and allow browsers to submit to the current URL.
This commit is contained in:
David Taylor 2020-01-08 15:31:51 +00:00
parent f1cd599966
commit cf60de59b1
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/views/users/omniauth_callbacks/confirm_request.html.erb
View File

@ -2,9 +2,10 @@
<h2><%= t('login.omniauth_confirm_title', provider:(t "js.login.#{params[:provider]}.name", default: params[:provider])) %></h2>
<br/>
<%= form_tag do %>
<form method="post">
<%= hidden_field_tag :authenticity_token, form_authenticity_token %>
<%= button_tag(type: "submit", class: "btn btn-primary") do %>
<%= SvgSprite.raw_svg('fa-plug') %><%= t 'login.omniauth_confirm_button' %>
<% end %>
<% end %>
</form>
</div>