X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/74cc88fce4982777d5f78e016940159de655c817..f6572e3712630666a219a6cd6d2fcfcde8cea66c:/app/controllers/sessions_controller.rb?ds=sidebyside

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 2b6905ebb..19fe05f30 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -3,24 +3,24 @@ class SessionsController < ApplicationController
 
   layout "site"
 
-  before_action :disable_terms_redirect, :only => [:destroy]
-  before_action :authorize_web
+  before_action :authorize_web, :except => [:destroy]
+  before_action -> { authorize_web(:skip_terms => true) }, :only => [:destroy]
   before_action :set_locale
   before_action :check_database_readable
   before_action :require_cookies, :only => [:new]
 
   authorize_resource :class => false
 
-  def new
-    override_content_security_policy_directives(:form_action => []) if Settings.csp_enforce || Settings.key?(:csp_report_url)
+  allow_all_form_action :only => :new
 
+  def new
     referer = safe_referer(params[:referer]) if params[:referer]
 
     parse_oauth_referer referer
   end
 
   def create
-    session[:remember_me] ||= params[:remember_me]
+    session[:remember_me] = params[:remember_me] == "yes"
 
     referer = safe_referer(params[:referer]) if params[:referer]