Module: Controllers::ReturnPathHandling
- Extended by:
- ActiveSupport::Concern
- Included in:
- ApplicationController
- Defined in:
- app/concerns/controllers/return_path_handling.rb
Overview
Return path handling for preserving navigation context
Parses and validates return_path parameter, allowing users to be
redirected back to where they came from after completing an action.
Usage:
In views - pass return path in links
link_to 'Edit', edit_path(return_path: request.fullpath)
In controller - redirect back
redirect_to_return_path_or_default(fallback_path)
Instance variables set:
@return_path - The validated URL to return to
@return_title - Optional title for the return link
Instance Method Summary collapse
-
#check_for_return_path ⇒ Object
protected
Parse return_path parameter and set instance variables.
-
#redirect_to_return_path_or_default(default, options = {}) ⇒ Object
protected
Redirect to return path or fall back to default.
Instance Method Details
#check_for_return_path ⇒ Object (protected)
Parse return_path parameter and set instance variables.
Uses Rails's built-in url_from to validate the URL: returns the URL
only if it's on the same host as the request, nil otherwise. This
is real open-redirect protection, not just parse-validity (which is
what the previous Addressable::URI.parse rescue dance gave us).
31 32 33 34 35 36 |
# File 'app/concerns/controllers/return_path_handling.rb', line 31 protected def check_for_return_path return if json_request? @return_path = url_from(params[:return_path]).presence @return_title = params[:return_title].presence end |
#redirect_to_return_path_or_default(default, options = {}) ⇒ Object (protected)
Redirect to return path or fall back to default.
42 43 44 |
# File 'app/concerns/controllers/return_path_handling.rb', line 42 protected def redirect_to_return_path_or_default(default, = {}) redirect_to(@return_path || default, ) end |