From: Tom Hughes <tom@compton.nu>
Date: Tue, 18 May 2021 11:12:04 +0000 (+0100)
Subject: Allow OAuth 2 authorizations to redirect to anywhere
X-Git-Tag: live~1590^2~4
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/b96f3867e61dad3d7f14a0d8da01ea0cab1c83ec

Allow OAuth 2 authorizations to redirect to anywhere
---

diff --git a/app/controllers/oauth2_authorizations_controller.rb b/app/controllers/oauth2_authorizations_controller.rb
index 9c2bce2d1..b851d19b2 100644
--- a/app/controllers/oauth2_authorizations_controller.rb
+++ b/app/controllers/oauth2_authorizations_controller.rb
@@ -5,4 +5,10 @@ class Oauth2AuthorizationsController < Doorkeeper::AuthorizationsController
   before_action :set_locale
 
   authorize_resource :class => false
+
+  def new
+    override_content_security_policy_directives(:form_action => []) if Settings.csp_enforce || Settings.key?(:csp_report_url)
+
+    super
+  end
 end