Using file will overwrite the $file parameter in the template base. Leading to trying to include a file that is the exception message. Which will of course fail. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>tags/v14.0.0beta4
@@ -12,6 +12,6 @@ if(!isset($_)) {//standalone page is not supported anymore - redirect to / | |||
<ul> | |||
<li class='error'> | |||
<?php p($l->t( 'Access forbidden' )); ?><br> | |||
<p class='hint'><?php if(isset($_['file'])) p($_['file'])?></p> | |||
<p class='hint'><?php if(isset($_['message'])) p($_['message'])?></p> | |||
</li> | |||
</ul> |
@@ -249,7 +249,7 @@ class SecurityMiddleware extends Middleware { | |||
$url = $this->urlGenerator->linkToRoute('core.login.showLoginForm', $params); | |||
$response = new RedirectResponse($url); | |||
} else { | |||
$response = new TemplateResponse('core', '403', ['file' => $exception->getMessage()], 'guest'); | |||
$response = new TemplateResponse('core', '403', ['message' => $exception->getMessage()], 'guest'); | |||
$response->setStatus($exception->getCode()); | |||
} | |||
} |
@@ -568,7 +568,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
'test', | |||
$exception | |||
); | |||
$expected = new TemplateResponse('core', '403', ['file' => $exception->getMessage()], 'guest'); | |||
$expected = new TemplateResponse('core', '403', ['message' => $exception->getMessage()], 'guest'); | |||
$expected->setStatus($exception->getCode()); | |||
$this->assertEquals($expected , $response); | |||
} |