10 years ago · 073b80a5cc
--- a/app/controllers/agents_controller.rb
+++ b/app/controllers/agents_controller.rb
@@ -179,7 +179,9 @@ class AgentsController < ApplicationController
 
                 
              
 
                   # Sanitize params[:return] to prevent open redirect attacks, a common security issue.
              
 
                   def redirect_back(message)
              
 
                -    if params[:return] == "show" && @agent
              
 
                +    if params[:return] == "show" && message.include?("deleted")
              
 
                +      path = agents_path
              
 
                +    elsif params[:return] == "show" && @agent
              
 
                       path = agent_path(@agent)
              
 
                     elsif params[:return] =~ /\A#{Regexp::escape scenarios_path}\/\d+\Z/
              
 
                       path = params[:return]