fix: Broken /terms and /privacy routes (#749)

* fix: replace invalid redirect("about:blank") with proper controller actions The privacy and terms routes were using redirect("about:blank") which is invalid because about:blank is a browser-specific pseudo URL, not a valid HTTP redirect target. This fix replaces them with proper controller actions that render placeholder pages. Changes: - Add privacy and terms actions to PagesController with skip_authentication - Create privacy.html.erb and terms.html.erb view templates - Add i18n translations for the new pages - Update routes to use pages#privacy and pages#terms https://claude.ai/code/session_01RL36dMda1o6LXGsnGnTJZu * Make legal routes configurable --------- Co-authored-by: Claude <noreply@anthropic.com>
2026-04-20 04:24:06 +00:00 · 2026-01-23 11:39:48 +01:00
parent 0316b848eb
commit 5ba051c8cf
5 changed files with 45 additions and 3 deletions
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -450,8 +450,10 @@ Rails.application.routes.draw do

  get "imports/:import_id/upload/sample_csv", to: "import/uploads#sample_csv", as: :import_upload_sample_csv

-  get "privacy", to: redirect("about:blank")
-  get "terms", to: redirect("about:blank")
+  privacy_url = ENV["LEGAL_PRIVACY_URL"].presence
+  terms_url = ENV["LEGAL_TERMS_URL"].presence
+  get "privacy", to: privacy_url ? redirect(privacy_url) : "pages#privacy"
+  get "terms", to: terms_url ? redirect(terms_url) : "pages#terms"

  # Admin namespace for super admin functionality
  namespace :admin do