From 304eb3b75c6605a11b5a43dea3ebae490670967b Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Tue, 1 Mar 2022 18:39:08 +0000
Subject: [PATCH] Enable open redirect protection

---
 config/initializers/new_framework_defaults_7_0.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/initializers/new_framework_defaults_7_0.rb b/config/initializers/new_framework_defaults_7_0.rb
index a5edd72ff..e41b6c7d1 100644
--- a/config/initializers/new_framework_defaults_7_0.rb
+++ b/config/initializers/new_framework_defaults_7_0.rb
@@ -73,7 +73,7 @@ Rails.application.config.active_record.verify_foreign_keys_for_fixtures = true
 Rails.application.config.active_record.partial_inserts = false
 
 # Protect from open redirect attacks in `redirect_back_or_to` and `redirect_to`.
-# Rails.application.config.action_controller.raise_on_open_redirects = true
+Rails.application.config.action_controller.raise_on_open_redirects = true
 
 # Change the variant processor for Active Storage.
 # Changing this default means updating all places in your code that
-- 
2.39.5