FEATURE: Mark omniauth failures as HTML safe. (#14713)

FEATURE: Mark omniauth failures as HTML safe. (#14713)

Plugins can add HTML elements to auth error messages.

diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb
index 6a9253b..7850cf2 100644
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -98,8 +98,14 @@ class Users::OmniauthCallbacksController < ApplicationController
   end
 
   def failure
-    error_key = params[:message].to_s.gsub(/[^\w-]/, "") || "generic"
-    flash[:error] = I18n.t("login.omniauth_error.#{error_key}", default: I18n.t("login.omniauth_error.generic"))
+    error_key = params[:message].to_s.gsub(/[^\w-]/, "")
+    error_key = "generic" if error_key.blank?
+
+    flash[:error] = I18n.t(
+      "login.omniauth_error.#{error_key}",
+      default: I18n.t("login.omniauth_error.generic")
+    ).html_safe
+
     render 'failure'
   end
 

GitHub sha: be38615afde03371a4b5cbb7eff364fa680de93b

This commit appears in #14713 which was approved by CvX. It was merged by romanrizzi.