From 1e5951101f2673897c1701db327ca3f0b5e353cd Mon Sep 17 00:00:00 2001
From: Katja Suess <k.suess@rohberg.ch>
Date: Fri, 22 Nov 2019 19:47:12 +0100
Subject: [PATCH] prevent infinite request for confirmation (plone.protect)

---
 plone/app/discussion/browser/moderation.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/plone/app/discussion/browser/moderation.py b/plone/app/discussion/browser/moderation.py
index 2420e40..6b24b95 100644
--- a/plone/app/discussion/browser/moderation.py
+++ b/plone/app/discussion/browser/moderation.py
@@ -228,7 +228,8 @@ class PublishComment(BrowserView):
         # if the referrer already has a came_from in it, don't redirect back
         if (len(came_from) == 0 or 'came_from=' in came_from or
                 not getToolByName(
-                content_object, 'portal_url').isURLInPortal(came_from)):
+                content_object, 'portal_url').isURLInPortal(came_from) or
+                '@@confirm-action' in came_from):
             came_from = content_object.absolute_url()
         return self.context.REQUEST.RESPONSE.redirect(came_from)