Remove unused code
Since Rails 2.3.11, protect_from_forgery exclusively calls handle_unverified_request which defaults to resetting the session. The old code to handle an invalid CSRF token is not used anymore and is thus removed to un-confuse people.
This commit is contained in:
parent
900eda7a23
commit
724bd48494
|
@ -64,7 +64,6 @@ class ApplicationController < ActionController::Base
|
||||||
before_filter :user_setup, :check_if_login_required, :set_localization
|
before_filter :user_setup, :check_if_login_required, :set_localization
|
||||||
filter_parameter_logging :password
|
filter_parameter_logging :password
|
||||||
|
|
||||||
rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token
|
|
||||||
# FIXME: This doesn't work with Rails >= 3.0 anymore
|
# FIXME: This doesn't work with Rails >= 3.0 anymore
|
||||||
# Possible workaround: https://github.com/rails/rails/issues/671#issuecomment-1780159
|
# Possible workaround: https://github.com/rails/rails/issues/671#issuecomment-1780159
|
||||||
rescue_from ActionController::RoutingError, :with => proc{render_404}
|
rescue_from ActionController::RoutingError, :with => proc{render_404}
|
||||||
|
@ -336,13 +335,6 @@ class ApplicationController < ActionController::Base
|
||||||
request.xhr? ? false : 'base'
|
request.xhr? ? false : 'base'
|
||||||
end
|
end
|
||||||
|
|
||||||
def invalid_authenticity_token
|
|
||||||
if api_request?
|
|
||||||
logger.error "Form authenticity token is missing or is invalid. API calls must include a proper Content-type header (text/xml or text/json)."
|
|
||||||
end
|
|
||||||
render_error "Invalid form authenticity token."
|
|
||||||
end
|
|
||||||
|
|
||||||
def render_feed(items, options={})
|
def render_feed(items, options={})
|
||||||
@items = items || []
|
@items = items || []
|
||||||
@items.sort! {|x,y| y.event_datetime <=> x.event_datetime }
|
@items.sort! {|x,y| y.event_datetime <=> x.event_datetime }
|
||||||
|
|
Loading…
Reference in New Issue