Merge branch '29669-redirect-referer-params' into 'master'

Fix redirection after login when the referer have params Closes #29669 See merge request !10397

Merge branch '29669-redirect-referer-params' into 'master'
Fix redirection after login when the referer have params Closes #29669 See merge request !10397
8a6104d0 · Rémy Coutable · fee8dcde · af0c08b6 · 8a6104d0 · 8a6104d0
Commit 8a6104d0 authored Apr 03, 2017 by Rémy Coutable
3 changed files
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -79,7 +79,7 @@ class SessionsController < Devise::SessionsController
      if request.referer.present? && (params['redirect_to_referer'] == 'yes')
        referer_uri = URI(request.referer)
        if referer_uri.host == Gitlab.config.gitlab.host
-          referer_uri.path
+          referer_uri.request_uri
        else
          request.fullpath
        end

--- a/changelogs/unreleased/29669-redirect-referer-params.yml
+++ b/changelogs/unreleased/29669-redirect-referer-params.yml
+---
+title: Fix redirection after login when the referer have params
+merge_request:
+author: mhasbini
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@@ -211,4 +211,20 @@ describe SessionsController do
      end
    end
  end
+
+  describe '#new' do
+    before do
+      @request.env['devise.mapping'] = Devise.mappings[:user]
+    end
+
+    it 'redirects correctly for referer on same host with params' do
+      search_path = '/search?search=seed_project'
+      allow(controller.request).to receive(:referer).
+        and_return('http://%{host}%{path}' % { host: Gitlab.config.gitlab.host, path: search_path })
+
+      get(:new, redirect_to_referer: :yes)
+
+      expect(controller.stored_location_for(:redirect)).to eq(search_path)
+    end
+  end
 end