Potentiel data leak in "Invalid form authenticity token" error screen (#16511).

git-svn-id: http://svn.redmine.org/redmine/trunk@13041 e93f8b46-1217-0410-a6f0-8f06a7374b81

app/controllers/application_controller.rb

@@ -44,6 +44,7 @@ class ApplicationController < ActionController::Base
     unless api_request?
       super
       cookies.delete(autologin_cookie_name)
+      self.logged_user = nil
       render_error :status => 422, :message => "Invalid form authenticity token."
     end
   end