From 130b71d121f4fd10a77fd254d87ddb8f8aedb496 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Mon, 25 Jul 2011 21:02:27 +0000 Subject: [PATCH] Sets forgery protection filter first. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@6315 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/controllers/application_controller.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index cf9a849bc..bfed52d84 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -25,6 +25,8 @@ class ApplicationController < ActionController::Base layout 'base' exempt_from_layout 'builder', 'rsb' + + protect_from_forgery # Remove broken cookie after upgrade from 0.8.x (#4292) # See https://rails.lighthouseapp.com/projects/8994/tickets/3360 @@ -40,7 +42,6 @@ class ApplicationController < ActionController::Base before_filter :user_setup, :check_if_login_required, :set_localization filter_parameter_logging :password - protect_from_forgery rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token rescue_from ::Unauthorized, :with => :deny_access -- 2.39.5