Remove autologin cookie on unverified request.

author Jean-Philippe Lang <jp_lang@yahoo.fr>

Mon, 25 Jul 2011 21:15:09 +0000 (21:15 +0000)

committer Jean-Philippe Lang <jp_lang@yahoo.fr>

Mon, 25 Jul 2011 21:15:09 +0000 (21:15 +0000)
author Jean-Philippe Lang <jp_lang@yahoo.fr>
Mon, 25 Jul 2011 21:15:09 +0000 (21:15 +0000)
committer Jean-Philippe Lang <jp_lang@yahoo.fr>
Mon, 25 Jul 2011 21:15:09 +0000 (21:15 +0000)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb

index bfed52d84475aa70d70493321515e9ef11b605e4..1a9eb16d75a7ff3405e25a8128030ac1586b4af1 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -27,7 +27,10 @@ class ApplicationController < ActionController::Base
    exempt_from_layout 'builder', 'rsb'
    
    protect_from_forgery
-
+  def handle_unverified_request
+    super
+    cookies.delete(:autologin)
+  end
    # Remove broken cookie after upgrade from 0.8.x (#4292)
    # See https://rails.lighthouseapp.com/projects/8994/tickets/3360
    # TODO: remove it when Rails is fixed
author	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Mon, 25 Jul 2011 21:15:09 +0000 (21:15 +0000)
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Mon, 25 Jul 2011 21:15:09 +0000 (21:15 +0000)