From 7c2b3cdf5111c65a9e7f45522c6ecf923296a356 Mon Sep 17 00:00:00 2001
From: Matt-Yorkley <9029026+Matt-Yorkley@users.noreply.github.com>
Date: Tue, 18 Jan 2022 09:14:55 +0000
Subject: [PATCH] Fix param whitelisting

Co-authored-by: Maikel <maikel@email.org.au>
---
 app/controllers/split_checkout_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/split_checkout_controller.rb b/app/controllers/split_checkout_controller.rb
index 25775745f0..a69d1dc5e0 100644
--- a/app/controllers/split_checkout_controller.rb
+++ b/app/controllers/split_checkout_controller.rb
@@ -70,7 +70,7 @@ class SplitCheckoutController < ::BaseController
   end
 
   def validate_current_step!
-    step = params[:step].tap{ |step| ["details", "payment", "summary"].include? step }
+    step = ([params[:step]] & ["details", "payment", "summary"]).first
     send("validate_#{step}!")
   end