Removes the UTF8 checkmark that prevents redirect from back_url.

git-svn-id: http://svn.redmine.org/redmine/trunk@15535 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index c727d0be5eb2e0766d5feb0853cc220a4f250411..288f734f20db1b7b7f4ca8e11093ce2e576a835a 100644 (file)
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -1109,6 +1109,11 @@ module ApplicationHelper
     url = params[:back_url]
     if url.nil? && referer = request.env['HTTP_REFERER']
       url = CGI.unescape(referer.to_s)
+      # URLs that contains the utf8=[checkmark] parameter added by Rails are
+      # parsed as invalid by URI.parse so the redirect to the back URL would
+      # not be accepted (ApplicationController#validate_back_url would return
+      # false)
+      url.gsub!(/(\?|&)utf8=\u2713&?/, '\1')
     end
     url
   end

diff --git a/test/unit/helpers/application_helper_test.rb b/test/unit/helpers/application_helper_test.rb
index 89af800be30030fd2914d50864be6a3b3a5926a8..48260ccf7056f7b98e2c91fbcb3c13123e4bd2c7 100644 (file)
--- a/test/unit/helpers/application_helper_test.rb
+++ b/test/unit/helpers/application_helper_test.rb
@@ -1538,4 +1538,9 @@ RAW
     assert_equal "#{ja} #{ja}...", result
     assert !result.html_safe?
   end
+
+  def test_back_url_should_remove_utf8_checkmark_from_referer
+    stubs(:request).returns(stub(:env => {'HTTP_REFERER' => "/path?utf8=\u2713&foo=bar"}))
+    assert_equal "/path?foo=bar", back_url
+  end
 end