Merge pull request #171 from datacite/fix-unsafe-redirect-error-part-2

fix unsafe redirect error part 2

Author: wendelfabianchinsamy

app/controllers/users/sessions_controller.rb

@@ -54,12 +54,5 @@ def empty_cookie
         secure: !Rails.env.development? && !Rails.env.test?,
         domain: domain }
     end
-
-    private
-      def redirect_options
-        {
-          allow_other_host: true
-        }
-      end
   end
 end

config/initializers/devise_allow_other_host.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Devise
+  module Controllers
+    module Helpers
+      def redirect_to(options = {}, response_options = {})
+        if options.is_a?(String) && options.match?(/\Ahttps?:\/\//)
+          response_options[:allow_other_host] = true
+        end
+        super(options, response_options)
+      end
+    end
+  end
+end