Merge remote-tracking branch 'upstream/pull/5318'

[rails.git] / app / controllers / sessions_controller.rb

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 2b6905ebb548fc9f2703d3045c0f3c282f74dfe4..abbaf5e921e45aedf89e60d7057023b9a0374143 100644 (file)
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -11,16 +11,16 @@ class SessionsController < ApplicationController
 
   authorize_resource :class => false
 
-  def new
-    override_content_security_policy_directives(:form_action => []) if Settings.csp_enforce || Settings.key?(:csp_report_url)
+  allow_all_form_action :only => :new
 
+  def new
     referer = safe_referer(params[:referer]) if params[:referer]
 
     parse_oauth_referer referer
   end
 
   def create
-    session[:remember_me] ||= params[:remember_me]
+    session[:remember_me] = params[:remember_me] == "yes"
 
     referer = safe_referer(params[:referer]) if params[:referer]