layout "site"
- before_action :disable_terms_redirect, :only => [:destroy]
- before_action :authorize_web
+ before_action :authorize_web, :except => [:destroy]
+ before_action -> { authorize_web(:skip_terms => true) }, :only => [:destroy]
before_action :set_locale
before_action :check_database_readable
before_action :require_cookies, :only => [:new]
authorize_resource :class => false
- def new
- override_content_security_policy_directives(:form_action => []) if Settings.csp_enforce || Settings.key?(:csp_report_url)
+ allow_all_form_action :only => :new
+ def new
referer = safe_referer(params[:referer]) if params[:referer]
parse_oauth_referer referer
end
def create
- session[:remember_me] ||= params[:remember_me]
+ session[:remember_me] = params[:remember_me] == "yes"
referer = safe_referer(params[:referer]) if params[:referer]
projects / rails.git / blobdiff