upgrades: fix unsafe redirect errors in receipt/payment actions.

2022-01-10 00:11:10 -06:00
parent 85e1ae3c9b
commit 323882dbc4
1 changed files with 2 additions and 2 deletions
--- a/app/controllers/user_upgrades_controller.rb
+++ b/app/controllers/user_upgrades_controller.rb
@@ -41,12 +41,12 @@ class UserUpgradesController < ApplicationController

  def receipt
    @user_upgrade = authorize UserUpgrade.find(params[:id])
-    redirect_to @user_upgrade.receipt_url
+    redirect_to @user_upgrade.receipt_url, allow_other_host: true
  end

  def payment
    @user_upgrade = authorize UserUpgrade.find(params[:id])
-    redirect_to @user_upgrade.payment_url
+    redirect_to @user_upgrade.payment_url, allow_other_host: true
  end

  private