Allow all /my URLs

Previously, URLs like /my/activity/posts were denied. This change allows those URLs.

app/controllers/users_controller.rb

@@ -81,7 +81,7 @@ class UsersController < ApplicationController
   end
 
   def my_redirect
-    if current_user.present? && params[:path] =~ /^[a-z\-]+$/
+    if current_user.present? && params[:path] =~ /^[a-z\-\/]+$/
       redirect_to "/users/#{current_user.username}/#{params[:path]}"
       return
     end

config/routes.rb

@@ -185,7 +185,7 @@ Discourse::Application.routes.draw do
   get "users/activate-account/:token" => "users#activate_account"
   get "users/authorize-email/:token" => "users#authorize_email"
   get "users/hp" => "users#get_honeypot_value"
-  get "my/:path", to: 'users#my_redirect'
+  get "my/*path", to: 'users#my_redirect'
 
   get "user_preferences" => "users#user_preferences_redirect"
   get "users/:username/private-messages" => "user_actions#private_messages", constraints: {username: USERNAME_ROUTE_FORMAT}

spec/controllers/users_controller_spec.rb

@@ -1330,6 +1330,11 @@ describe UsersController do
         get :my_redirect, path: "preferences"
         response.should be_redirect
       end
+
+      it "permits forward slashes" do
+        get :my_redirect, path: "activity/posts"
+        response.should be_redirect
+      end
     end
   end