Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz@curii.com>
// Send a fake ReturnTo value instead of the caller's
// opts.ReturnTo. We won't follow the resulting
// redirect target anyway.
- ReturnTo: ",https://none.invalid",
+ ReturnTo: ",https://controller.api.client.invalid",
AuthInfo: authinfo,
})
if err != nil {
protected
def from_trusted_url
- norm(self.url_prefix) == norm(Rails.configuration.Services.Workbench1.ExternalURL) ||
- norm(self.url_prefix) == norm(Rails.configuration.Services.Workbench2.ExternalURL)
+ norm_url_prefix = norm(self.url_prefix)
+ norm_url_prefix == norm(Rails.configuration.Services.Workbench1.ExternalURL) or
+ norm_url_prefix == norm(Rails.configuration.Services.Workbench2.ExternalURL) or
+ norm_url_prefix == norm("https://controller.api.client.invalid")
end
def norm url