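Rails 5.0 had introduced the redirect_back method to perform redirection to the path present in the HTTP Referer header. If there is no Referer header, then the site is redirected to the fallback location passed to the method.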
Now consider the following scenario. In one of the searches on google.com, we see a link to bigbinary.com. On clicking the link, we are navigated to bigbinary.com.
When somebody gets redirected to bigbinary.com from google.com, the HTTP Referer is set to google.com. If bigbinary.com uses redirect_back in its code, then the user will get redirected to google.com, which might be undesired behavior for some applications.
To avoid such cases, Rails 5.2 has added an allow_other_host flag that can disallow redirecting to a host other than the current site.
The allow_other_host option is set to true by default. So if you do not want users to go back to google.com, you need to explicitly set allow_other_host: false.
```ruby
> request.host
#=> "http://www.bigbinary.com"

# The header name is spelled "Referer" in HTTP
> request.headers["Referer"]
#=> "http://www.google.com"

# This will redirect back to google.com
# (redirect_back requires the fallback_location keyword)
redirect_back(fallback_location: "/")

# This will not redirect back to google.com; the fallback location is used instead
redirect_back(fallback_location: "/", allow_other_host: false)
```
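A plain-Ruby model of the decision described above, added here as an example; it is not Rails source and not code from the original post. The method names redirect_back_target and same_host?, the sample Referer values and the other.example host are assumptions made for illustration.

```ruby
require "uri"

# Simplified model of the decision the post describes; not Rails source.
# Returns the URL or path the user would be sent to.
def redirect_back_target(referer:, request_host:, fallback_location:,
                         allow_other_host: true)
  return fallback_location if referer.nil? || referer.empty?
  return referer if allow_other_host

  same_host?(referer, request_host) ? referer : fallback_location
end

# True only when the referer parses cleanly and names the request's own host.
def same_host?(url, request_host)
  host = URI.parse(url).host
  !host.nil? && host.casecmp?(request_host)
rescue URI::InvalidURIError
  false
end

# Constructed sample Referer values; other.example is a placeholder host.
SAMPLE_REFERERS = [
  "http://www.google.com/search?q=rails",    # different host
  "http://www.bigbinary.com/blog",           # same host
  "http://www.bigbinary.com@other.example/", # userinfo part; host is other.example
  "http://www.bigbinary.com.other.example/", # look-alike subdomain of another host
  "http://bad host/",                        # unparseable
  nil                                        # header absent
].freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLE_REFERERS.each do |referer|
    [true, false].each do |allow|
      target = redirect_back_target(referer: referer,
                                    request_host: "www.bigbinary.com",
                                    fallback_location: "/",
                                    allow_other_host: allow)
      puts format("%-42s allow_other_host=%-5s -> %s", referer.inspect, allow, target)
    end
  end
end
```

With allow_other_host: false, only the same-host Referer is followed; every other sample, including the two that merely contain the site's name, resolves to the fallback location.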