Nemcio/Redmine
1
0
Fork 0
mirror of https://github.com/redmine/redmine.git synced 2025-11-02 19:36:00 +01:00
Code Issues Packages Projects Releases Activity

Potentiel data leak in "Invalid form authenticity token" error screen (#16511).

Browse Source 
git-svn-id: http://svn.redmine.org/redmine/trunk@13041 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang
2014-04-05 08:19:55 +00:00
parent 380b0515d1
commit 4920bb9d4d
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/controllers/application_controller.rb
View File

@@ -44,6 +44,7 @@ class ApplicationController < ActionController::Base
unless api_request? unless api_request?
super super
cookies.delete(autologin_cookie_name) cookies.delete(autologin_cookie_name)
self.logged_user = nil
render_error :status => 422, :message => "Invalid form authenticity token." render_error :status => 422, :message => "Invalid form authenticity token."
end end
end end