Sha256: 89287e3815e3e9bb4bb799a19a9a71627c697753b08822b4b9ce2fc476a0b881

Contents?: true

Size: 429 Bytes

Versions: 18

Compression:

Stored size: 429 Bytes

Contents

module Pay
  class PaymentsController < ApplicationController
    layout "pay/application"

    before_action :set_redirect_to

    def show
      @payment = Payment.from_id(params[:id])
    end

    private

    # Ensure the back parameter is a valid path
    # This safely handles XSS or external redirects
    def set_redirect_to
      @redirect_to = URI.parse(params[:back].to_s).path.presence || root_path
    end
  end
end

Version data entries

18 entries across 18 versions & 1 rubygems

Version Path
pay-8.3.0 app/controllers/pay/payments_controller.rb
pay-8.2.2 app/controllers/pay/payments_controller.rb
pay-8.2.1 app/controllers/pay/payments_controller.rb
pay-8.2.0 app/controllers/pay/payments_controller.rb
pay-8.1.3 app/controllers/pay/payments_controller.rb
pay-8.1.2 app/controllers/pay/payments_controller.rb
pay-8.1.1 app/controllers/pay/payments_controller.rb
pay-8.1.0 app/controllers/pay/payments_controller.rb
pay-8.0.0 app/controllers/pay/payments_controller.rb
pay-7.3.0 app/controllers/pay/payments_controller.rb
pay-7.2.1 app/controllers/pay/payments_controller.rb
pay-7.1.1 app/controllers/pay/payments_controller.rb
pay-7.1.0 app/controllers/pay/payments_controller.rb
pay-7.0.0 app/controllers/pay/payments_controller.rb
pay-6.8.1 app/controllers/pay/payments_controller.rb
pay-6.8.0 app/controllers/pay/payments_controller.rb
pay-6.7.2 app/controllers/pay/payments_controller.rb
pay-6.7.1 app/controllers/pay/payments_controller.rb