Commit 9ba563f3 authored by Marin Jankovski

Use base 64 encoding for email params.

parent b5342de5
...@@ -15,8 +15,9 @@ class UnsubscribesController < ApplicationController ...@@ -15,8 +15,9 @@ class UnsubscribesController < ApplicationController
end end
protected protected
def get_user def get_user
@email = CGI.unescape(params[:email]) @email = Base64.urlsafe_decode64(params[:email])
User.where(email: @email).first User.where(email: @email).first
end end
end end
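Review bot: `Base64.urlsafe_decode64(params[:email])` in `get_user` raises `ArgumentError` on input that is not valid URL-safe Base64, and nothing in this hunk rescues it. Unsubscribe links already sent with the old `CGI.escape` form will hit that path, so rescue the error and fall through to the same response as an unknown user. Separately, the decoded value goes straight into `User.where(email: @email).first`, so the parameter identifies the account without showing that the link came from the mailer; a signed or per-user token would cover that, since Base64 is only an encoding.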
...@@ -2,7 +2,7 @@ module Emails ...@@ -2,7 +2,7 @@ module Emails
module AdminNotification module AdminNotification
def send_admin_notification(user_id, subject, body) def send_admin_notification(user_id, subject, body)
email = recipient(user_id) email = recipient(user_id)
@unsubscribe_url = unsubscribe_url(email: CGI.escape(email)) @unsubscribe_url = unsubscribe_url(email: Base64.urlsafe_encode64(email))
@body = body @body = body
mail to: email, subject: subject mail to: email, subject: subject
end end
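Review bot: `Base64.urlsafe_encode64(email)` in `send_admin_notification` is reversible, so the recipient address is still readable by anything that logs or stores the unsubscribe URL. If the intent is only to get the address through routing intact, a short comment saying so would help the next reader; if the intent is to keep the address out of the URL, this call does not do that and an opaque token would be the change to make.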
......
%h3.page-title Unsubscribe from Admin notifications %h3.page-title Unsubscribe from Admin notifications
%hr %hr
= form_tag unsubscribe_path(@email) do = form_tag unsubscribe_path(Base64.urlsafe_encode64(@email)) do
%p %p
Yes, I want to unsubscribe Yes, I want to unsubscribe
%strong= @email %strong= @email
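Review bot: the `form_tag unsubscribe_path(Base64.urlsafe_encode64(@email))` line repeats the encoding call that the mailer already makes, while the matching decode sits in the controller, so the scheme is now spread over three files. Put the encode and decode behind one helper or model method and call that from the view, so a later change to the format cannot leave the form and the controller out of step.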
......