Ruby-on-Rails: How to get rid of "you are being redirected" page

Question

I am overriding Devise's failure response so that I can set a 401 status code. However, when the user fails to sign in, they are redirected to a page with a "you are being redirected" link. If I remove this :status => 401 from the redirect it works fine.

class CustomFailure < Devise::FailureApp     def redirect_url       new_user_session_url(:subdomain => 'secure')     end      def respond         if http_auth?            http_auth         else            store_location!            flash[:alert] = i18n_message unless flash[:notice]            redirect_to redirect_url, :status => 401         end     end end 

edit

Alternatively I would like to display the flash message and remain on the same page but adding this line of code:

render :text => "unauthorized", :status => 401 

causes ruby to complain:

undefined method `render' for #<CustomFailure:0x00000103367f28> 

What's happening here?

Answer 1

Proper HTTP statuses for a redirection are in the 30x form (301 and 302 being the most frequently used). By default, the redirect_to helper sets a 302 status header on the HTTP response. If you override that and set that to a 401, your web browser will assume that the response is a regular web page and will render the response body --which, in a redirection, is the boilerplate text "You are being redirected".

Answer 2

As said by @pantulis the browser will display this standard message if the response code is not a 3xx

To workaround this you can perform a javascript redirect:

# example with status 500: render text: "<script>window.location = '#{url}';</script>", status: 500 

This is off-course valid only if you are sure that all your users are using javascript. If your application can be browsed by users that may have disabled javascript you should also include a noscript tag and fallback in the standard "You are being redirected" message