From aeb4271a27f3a331d65973f3c279cbc5bfa8a8dc Mon Sep 17 00:00:00 2001
From: Milan Cvetkovic <mcvetkovic@microsoft.com>
Date: Tue, 21 Nov 2023 13:01:52 +0000
Subject: [PATCH] Do not merge zoom/lat/lon options with oauth_return_url

---
 app/controllers/users_controller.rb | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 0b7f6ec91..f79c284e3 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -311,20 +311,17 @@ class UsersController < ApplicationController
 
   def welcome_options
     uri = URI(session[:referer]) if session[:referer].present?
-    welcome_options = {}
-    welcome_options["oauth_return_url"] = uri&.to_s if uri&.path == oauth_authorization_path
+
+    return { "oauth_return_url" => uri&.to_s } if uri&.path == oauth_authorization_path
 
     begin
       %r{map=(.*)/(.*)/(.*)}.match(uri.fragment) do |m|
         editor = Rack::Utils.parse_query(uri.query).slice("editor")
-        welcome_options = { "zoom" => m[1],
-                            "lat" => m[2],
-                            "lon" => m[3] }.merge(editor).merge(welcome_options)
+        return { "zoom" => m[1], "lat" => m[2], "lon" => m[3] }.merge(editor)
       end
     rescue StandardError
       # Use default
     end
-    welcome_options
   end
 
   ##
-- 
2.39.5