cfa583fa71
Fixes #15959 Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form to instead redirect to the external OmniAuth login provider. However, it did not prevent the log-in form on /about introduced by #10232 from appearing, and completely broke with the introduction of #15228. As I restoring that previous log-in flow without introducing a security vulnerability may require extensive care and knowledge of how OmniAuth works, this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time being. |
||
|---|---|---|
| .. | ||
| 0_post_deployment_migrations.rb | ||
| 1_hosts.rb | ||
| 2_whitelist_mode.rb | ||
| active_model_serializers.rb | ||
| application_controller_renderer.rb | ||
| assets.rb | ||
| backtrace_silencers.rb | ||
| blacklists.rb | ||
| cache_buster.rb | ||
| chewy.rb | ||
| content_security_policy.rb | ||
| cookies_serializer.rb | ||
| cors.rb | ||
| devise.rb | ||
| doorkeeper.rb | ||
| fast_blank.rb | ||
| ffmpeg.rb | ||
| filter_parameter_logging.rb | ||
| http_client_proxy.rb | ||
| httplog.rb | ||
| inflections.rb | ||
| json_ld.rb | ||
| kaminari_config.rb | ||
| mail_delivery_job.rb | ||
| makara.rb | ||
| mime_types.rb | ||
| oj.rb | ||
| omniauth.rb | ||
| open_uri_redirection.rb | ||
| paperclip.rb | ||
| permissions_policy.rb | ||
| preload_link_headers.rb | ||
| premailer_rails.rb | ||
| rack_attack.rb | ||
| rack_attack_logging.rb | ||
| redis.rb | ||
| session_activations.rb | ||
| session_store.rb | ||
| sidekiq.rb | ||
| simple_form.rb | ||
| single_user_mode.rb | ||
| statsd.rb | ||
| stoplight.rb | ||
| strong_migrations.rb | ||
| suppress_csrf_warnings.rb | ||
| trusted_proxies.rb | ||
| twitter_regex.rb | ||
| vapid.rb | ||
| webauthn.rb | ||
| wrap_parameters.rb | ||