From 5d7ed4db768b18dfdd9713d74b5d7d1cd49fd95d Mon Sep 17 00:00:00 2001
From: Sem van Nieuwenhuizen
Date: Mon, 30 Dec 2024 12:46:38 +0100
Subject: [PATCH] feat: add `pay.ideal.nl` to URL whitelist
---
 app/controllers/members/payments_controller.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/app/controllers/members/payments_controller.rb b/app/controllers/members/payments_controller.rb
index 9b68f0955..f01c7fa3e 100644
--- a/app/controllers/members/payments_controller.rb
+++ b/app/controllers/members/payments_controller.rb
@@ -55,7 +55,10 @@ def pay_activities
 end
 
 # Check if it's a valid URI and matches your whitelist of acceptable domains (e.g., only http(s)://example.com)
- if url.is_a?(URI::HTTP) && ['www.mollie.com'].include?(url.host)
+ if url.is_a?(URI::HTTP) && [
+ 'www.mollie.com', # staging
+ 'pay.ideal.nl', # production
+ ].include?(url.host)
 redirect_to(url.to_s)
 else
 # Fallback to a safe default redirect if the URI is invalid or not in the whitelist
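Review bot: The guard on the new `if` still accepts plain-http targets, because `URI::HTTPS` is a subclass of `URI::HTTP`, so a URL such as `http://pay.ideal.nl/...` passes the host check. For a payment redirect I would tighten it to `url.is_a?(URI::HTTPS)`, assuming every checkout URL is expected to be served over https. The list also allows the host commented as staging in every environment and is rebuilt on each request. A frozen constant such as `ALLOWED_PAYMENT_HOSTS = %w[www.mollie.com pay.ideal.nl].freeze`, with a comment stating that it is an exact-match host allowlist for outbound payment redirects, would be easier to audit. Where `url` comes from is not visible in this hunk, and `pay_activities` starts and ends outside it.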