
Sign_out request causes unsafe redirect error for Rails 7+ #237

@Taeir

Description

In Rails 7, a setting was changed/introduced that by default disallows redirects to external locations, unless allow_other_host: true is passed to the redirect_to call.

When the name identifier format is set to transient, devise_saml_authenticatable will redirect a user to do an SLO request at the IDP, which is an external host (in most cases). This is set as the after_sign_out_path_for for the user. However, the method that does the redirect (I believe Devise::SessionsController#respond_to_on_destroy) does not pass allow_other_host, so Rails 7 and up will raise an UnsafeRedirectError in this case.
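The failure mode described above, reproduced in plain Ruby as an added example (this is not code from devise_saml_authenticatable, Devise or Rails). `redirect_target` re-implements the host rule that Rails 7 applies in `redirect_to` when `raise_on_open_redirects` is enabled: a relative path or a URL on the request host passes, anything else raises unless `allow_other_host: true` is given. `sign_out_redirect` shows the shape of a fix in a controller that overrides `respond_to_on_destroy`: opt in to the external redirect only when the target host is the configured IdP SLO host. `IDP_SLO_URL`, the hostnames and the helper names are constructed sample values, not the gem's real configuration.

```ruby
require "uri"

# Added example: mimics the Rails 7 open-redirect check so the issue can be
# reproduced offline. Not the Rails or Devise implementation.
class UnsafeRedirectError < StandardError; end

# Returns `location` when it is safe to redirect to, otherwise raises, in the
# same way redirect_to does in Rails 7 with raise_on_open_redirects = true.
# A bare path has no host and is allowed; "//evil.example.net" parses with a
# host and is therefore treated as an external location.
def redirect_target(request_host, location, allow_other_host: false)
  uri = URI.parse(location)
  other_host = !uri.host.nil? && uri.host.downcase != request_host.downcase
  if other_host && !allow_other_host
    raise UnsafeRedirectError,
          "Unsafe redirect to #{location.inspect}, pass allow_other_host: true to redirect anyway."
  end
  location
end

# Hypothetical configured IdP SLO endpoint (constructed sample value). In a
# real app this would come from the IdP metadata the gem is configured with.
IDP_SLO_URL = "https://idp.example.com/saml/slo"

# What a controller override of Devise's respond_to_on_destroy should do:
# allow the external redirect only for the known IdP host, so the opt-in
# does not turn after_sign_out_path_for into an open redirect for any host.
def sign_out_redirect(request_host, after_sign_out_path)
  target_host = URI.parse(after_sign_out_path).host
  idp_host = URI.parse(IDP_SLO_URL).host
  redirect_target(request_host, after_sign_out_path,
                  allow_other_host: !target_host.nil? && target_host.downcase == idp_host)
end
```

The point of comparing against the configured IdP host rather than passing `allow_other_host: true` unconditionally is that `after_sign_out_path_for` is an overridable hook; a blanket opt-in would let any value that ends up there, including one derived from request parameters, redirect the user anywhere.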
