From f3bcb705f74622afae785d9df793a0bbed3a11d3 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Wed, 25 Nov 2009 20:45:16 +0000 Subject: [PATCH] Display an error when authenticity token is invalid. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3094 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/controllers/application_controller.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 071d48ef..a794b3b2 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -38,6 +38,8 @@ class ApplicationController < ActionController::Base filter_parameter_logging :password protect_from_forgery + rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token + include Redmine::Search::Controller include Redmine::MenuManager::MenuController helper Redmine::MenuManager::MenuHelper @@ -189,6 +191,10 @@ class ApplicationController < ActionController::Base render :text => '', :layout => !request.xhr?, :status => 500 end + def invalid_authenticity_token + render_error "Invalid form authenticity token." + end + def render_feed(items, options={}) @items = items || [] @items.sort! {|x,y| y.event_datetime <=> x.event_datetime }