diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 115a6cc42e..7e849562a8 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,3 +1,7 @@
+* Allow relative redirects when `raise_on_open_redirects` is enabled
+
+    *Tom Hughes*
+
 * Allow Content Security Policy DSL to generate for API responses.
 
     *Tim Wade*
diff --git a/actionpack/lib/action_controller/metal/redirecting.rb b/actionpack/lib/action_controller/metal/redirecting.rb
index e476c9b4b6..63ea731c0e 100644
--- a/actionpack/lib/action_controller/metal/redirecting.rb
+++ b/actionpack/lib/action_controller/metal/redirecting.rb
@@ -195,7 +195,7 @@ module ActionController
       end
 
       def _url_host_allowed?(url)
-        URI(url.to_s).host == request.host
+        [request.host, nil].include?(URI(url.to_s).host)
       rescue ArgumentError, URI::Error
         false
       end
diff --git a/actionpack/test/controller/redirect_test.rb b/actionpack/test/controller/redirect_test.rb
index 600057bc7e..9436a1fafa 100644
--- a/actionpack/test/controller/redirect_test.rb
+++ b/actionpack/test/controller/redirect_test.rb
@@ -88,6 +88,10 @@ class RedirectController < ActionController::Base
     redirect_back_or_to "http://www.rubyonrails.org/"
   end
 
+  def only_path_redirect
+    redirect_to action: "other_host", only_path: true
+  end
+
   def safe_redirect_with_fallback
     redirect_to url_from(params[:redirect_url]) || "/fallback"
   end
@@ -500,6 +504,14 @@ class RedirectTest < ActionController::TestCase
     end
   end
 
+  def test_only_path_redirect
+    with_raise_on_open_redirects do
+      get :only_path_redirect
+      assert_response :redirect
+      assert_redirected_to "/redirect/other_host"
+    end
+  end
+
   def test_url_from
     with_raise_on_open_redirects do
       get :safe_redirect_with_fallback, params: { redirect_url: "http://test.host/app" }
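Review bot: The new `[request.host, nil].include?(URI(url.to_s).host)` line in `_url_host_allowed?` accepts every URI that parses without a host, which is wider than the "relative redirects" the CHANGELOG entry describes: a string whose scheme carries no authority (a `javascript:` or `data:` style value, for instance) also yields a nil host and would now pass the open-redirect guard instead of raising. The intent is preserved by allowing a nil host only for an absolute path, e.g. `host = URI(url.to_s).host`, `return true if host == request.host`, `host.nil? && url.to_s.start_with?("/") && !url.to_s.start_with?("//")`; the `//` exclusion is belt-and-braces against a protocol-relative value that the parser might not report as a host. A short comment above the nil branch stating why hostless input is allowed (`# A nil host means a path-only target, which Rails resolves against the request host`) would also help the next reader, since the `rescue` below already hides parse failures as `false`. The caller that turns a false result into an error is outside the hunk.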
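Review bot: `test_only_path_redirect` pins only the accepting side of the relaxed host check; nothing in the added test asserts what `_url_host_allowed?` must still reject now that a nil host is permitted, so a future change that lets a hostless non-path value through would pass this suite unnoticed. A companion test inside `with_raise_on_open_redirects` that sends a redirect target with no host and no leading slash and asserts the unsafe-redirect error is still raised would document the intended boundary next to the happy path. Naming the pair `test_only_path_redirect` / `test_hostless_non_path_redirect_is_rejected` (or similar) keeps the contract readable from the test list alone. The surrounding `test_url_from` continues past the end of the hunk.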