Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r-- | app/controllers/application_controller.rb | 13 |
1 files changed, 3 insertions, 10 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1718bfa..15cc108 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -4,7 +4,6 @@ class ApplicationController < ActionController::Base
 protect_from_forgery with: :exception
- after_action :tidy_response_body
 helper_method :logged_in?, :current_user
 helper_method :authorized_to_show_user?
@@ -18,13 +17,10 @@ class ApplicationController < ActionController::Base
 end
 def current_user
- @_current_user ||= begin
+ @_current_user ||=
 if logged_in?
 User.find(session[:user_id])
- else
- nil
 end
- end
 end
 def authorized_to_show_user?(user)
@@ -43,10 +39,7 @@ class ApplicationController < ActionController::Base
 object
 end
- private
- def tidy_response_body
- if [:html, :xml, :atom].any? {|s| request.format == s }
- response.body = ActiveSupport::Multibyte::Unicode.tidy_bytes(response.body)
- end
+ def safe_redirect?(to)
+ to[0] == "/" && !to.include?("//")
 end
 end |
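Review bot: The check added as `safe_redirect?` in the last hunk rejects `//` but not a backslash or a control character after the leading slash. Browsers that follow the WHATWG URL rules treat `\` as `/` and strip tabs and newlines, so such a value can still resolve to another host. The method also raises NoMethodError when `to` is nil, so I would write the body as `to.is_a?(String) && to.start_with?("/") && !to.include?("//") && !to.match?(/[\\[:cntrl:]]/)`. The same hunk removes the `private` line, which leaves `safe_redirect?` public on ApplicationController; unless it is meant to be routable, keep `private` above it. Its callers are outside this diff, so it is an assumption that `to` comes from request parameters, and a short comment stating that the method accepts only same-site relative paths would record the intent.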