From 323882dbc4780d3c709cc4f009c5b89578e7066b Mon Sep 17 00:00:00 2001
From: evazion <noizave@gmail.com>
Date: Mon, 10 Jan 2022 00:11:10 -0600
Subject: [PATCH] upgrades: fix unsafe redirect errors in receipt/payment
 actions.

---
 app/controllers/user_upgrades_controller.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/controllers/user_upgrades_controller.rb b/app/controllers/user_upgrades_controller.rb
index 8bb47aefb..e3363ce5d 100644
--- a/app/controllers/user_upgrades_controller.rb
+++ b/app/controllers/user_upgrades_controller.rb
@@ -41,12 +41,12 @@ class UserUpgradesController < ApplicationController
 
   def receipt
     @user_upgrade = authorize UserUpgrade.find(params[:id])
-    redirect_to @user_upgrade.receipt_url
+    redirect_to @user_upgrade.receipt_url, allow_other_host: true
   end
 
   def payment
     @user_upgrade = authorize UserUpgrade.find(params[:id])
-    redirect_to @user_upgrade.payment_url
+    redirect_to @user_upgrade.payment_url, allow_other_host: true
   end
 
   private