Display an error when authenticity token is invalid.

author Jean-Philippe Lang <jp_lang@yahoo.fr>

Wed, 25 Nov 2009 20:45:16 +0000 (20:45 +0000)

committer Jean-Philippe Lang <jp_lang@yahoo.fr>

Wed, 25 Nov 2009 20:45:16 +0000 (20:45 +0000)
author Jean-Philippe Lang <jp_lang@yahoo.fr>
Wed, 25 Nov 2009 20:45:16 +0000 (20:45 +0000)
committer Jean-Philippe Lang <jp_lang@yahoo.fr>
Wed, 25 Nov 2009 20:45:16 +0000 (20:45 +0000)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb

index 071d48ef01e6a1090d7ffeb053dbf094bd7105b3..a794b3b28132c99a8eec562f3f0489e5ec20eb69 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -38,6 +38,8 @@ class ApplicationController < ActionController::Base
    filter_parameter_logging :password
    protect_from_forgery
    
+  rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token
+  
    include Redmine::Search::Controller
    include Redmine::MenuManager::MenuController
    helper Redmine::MenuManager::MenuHelper
@@ -189,6 +191,10 @@ class ApplicationController < ActionController::Base
      render :text => '', :layout => !request.xhr?, :status => 500
    end
    
+  def invalid_authenticity_token
+    render_error "Invalid form authenticity token."
+  end
+  
    def render_feed(items, options={})    
      @items = items || []
      @items.sort! {|x,y| y.event_datetime <=> x.event_datetime }
author	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Wed, 25 Nov 2009 20:45:16 +0000 (20:45 +0000)
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Wed, 25 Nov 2009 20:45:16 +0000 (20:45 +0000)