Ensure before actions run on root route #1482
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When using the recommended method for injecting a before filter into GoodJob the initial root route ignores that filter. In cases where someone is using that before filter to apply security they may want to return a non-301 response code for users who don't pass the authentication check.
For example someone may want to obfuscate that they're using GoodJob by returning a 404 from all GoodJob routes if the user is not logged in. Before this change users would receive the redirect from the root route, then get the 404, essentially "leaking" that the site is running GoodJob.