FEATURE: Mark omniauth failures as HTML safe. (#14713)

Plugins can add HTML elements to auth error messages.
This commit is contained in:
Roman Rizzi 2021-10-26 09:46:25 -03:00 committed by GitHub
parent 9882aa840a
commit be38615afd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -98,8 +98,14 @@ class Users::OmniauthCallbacksController < ApplicationController
end
def failure
error_key = params[:message].to_s.gsub(/[^\w-]/, "") || "generic"
flash[:error] = I18n.t("login.omniauth_error.#{error_key}", default: I18n.t("login.omniauth_error.generic"))
error_key = params[:message].to_s.gsub(/[^\w-]/, "")
error_key = "generic" if error_key.blank?
flash[:error] = I18n.t(
"login.omniauth_error.#{error_key}",
default: I18n.t("login.omniauth_error.generic")
).html_safe
render 'failure'
end