Rails 7 redirection error due to allow_other_host option not being true

[bcasci]

I'm working with a multi-tenant app, and there is a need move users between subdomains. The app running with Rails 7. There is a redirect_to call in the passwordless source that does not use the allow_other_host option, which throw an errors when using Rails 7 because that option is defaulted to false

My proposal, which I can do if the solution is agreed upon, is to allow the passwordless configuration *_redirect_path setting to take a Proc, in addition to a string. This way the host application could provide a bit more specificity about how a redirection should function.

What do you think? Is there a better solution?

[bcasci]

@mikker what do you think about this idea?

[mikker]

Sounds okay 👍 PR welcome

[bcasci]

@mikker After taking a closer look at the source code, and seeing how I'm the only person to raise this issue, I think it might be best to keep things simple by adding the following config setting.

mattr_accessor(:redirect_to_response_options) { {} }

This would make it so the host application could easily specify redirect_to options like allow_other_host or status if need be.

I'll probably noodle on this today.

What I proposed is fine, but it's probably overkill unless others start facing similar or more complex redirection issues.